| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/like_user_1.jpg | 172.67.198.239 | 200 OK | 1.2 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/like_user_1.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3 Hasha30b3e672397544c7e884f1d3dd95d9a 6789e6db8866ba14c7086142116b66ad00ccd0c6 1efe45e9a4803837967aa10cf70378a4cff1f09c24229a7ad7d93c6edfb2162e
GET /wbpage5/mvas-puzz/like_user_1.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1165
cf-bgj: h2pri
etag: "48d-617842d94eeb4"
last-modified: Fri, 03 May 2024 03:18:48 GMT
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvpj9sbqappfqXzmXtNIhgfhB%2Bz3FmhVwUqFwKWlQ1cnipgdfI55rhPA8NvQ1jFnjwF2EfqUgn6G9VLiL0gu%2Bp3idh%2Bn0Rgw01WQI4MUqlsO4wGxI%2BY1Lg0rBKkE7UYccINePYOTgFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/like_user_1.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df859b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de15.jpg | 172.67.198.239 | 200 OK | 1.4 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de15.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hash31010a8d060eb2d7b18f7f2375b03936 4ae711ed9beb8eb6ac53407abe5280fba4ffad13 3c7b5189e80fa7fe2598057c1db5ee5cb05b8bb0f8ada52d6cff2167d5b2c6d4
GET /wbpage5/mvas-puzz/de15.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1393
cf-bgj: h2pri
etag: "571-617842cee7957"
last-modified: Fri, 03 May 2024 03:18:37 GMT
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8kI5IUcJUdeBr%2FcCwOitOjCkq90MMhDqjBatmGIl2SA9FGAt4Ick5tyrggh6L%2FpjcCAC5ow%2BnawU5ITE6mxS97mruUBgn0q%2F6x25us8blwaq3Yw2%2FjoBrGzzyfx0Wia8wg%2B3w2qJu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de15.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e087cb518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de16.jpg | 172.67.198.239 | 200 OK | 1.6 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de16.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hasha67d9e9a543ed92f9f3b725c7c5f9721 96dd303cb51d317ae406cfeb0a9e152b1d632079 3910f35a919d82d1be3560e002f39cff5a4b35745e4de605cc68d8af63732101
GET /wbpage5/mvas-puzz/de16.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1576
cf-bgj: h2pri
etag: "628-617842d024b91"
last-modified: Fri, 03 May 2024 03:18:38 GMT
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90JxTvxFKj0lWcArjPTC0V7Frl0%2BlSjDNb3BWs6CMDgG5eM%2FMBuU0TpqSdrxtZEKTO6cubBbCnILkKLQup%2FCWus6UVQENeNMrHEpojoJTVOfry%2BlcXgtOVkarbMCDUKyEOLMC175kDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de16.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e0880b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/footer_right.png | 172.67.198.239 | 200 OK | 4.9 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/footer_right.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 168 x 66, 8-bit colormap, non-interlaced Hashe6c450b77882805ca4fd18276e14dc77 1bab2941ed8b1ecd9b2e4b524639b1ffc2219c22 0e9d0f653bfad1f1c73b7a415fcfc47f7062d50bf3ccd80b70650ec3a014258a
GET /wbpage5/mvas-puzz/footer_right.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/png
content-length: 4920
last-modified: Fri, 03 May 2024 03:18:40 GMT
etag: "1338-617842d22b85d"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WdvfarNiVlzE8I%2F0afzMROQP3dv49l4zYiinILmtDUMfKSEvcrnlc54hacMAfFQC8geADqiXreXBsEK%2B%2FYHMM7iB%2BxqKS4FooXZSTKTKjYGOMjOA3LaAiC9Lv0xCjaPn9Icxw2tNjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/footer_right.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e088db518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clip_footer_3.png | 172.67.198.239 | 200 OK | 2.5 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clip_footer_3.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 52 x 59, 8-bit colormap, non-interlaced Hashe1b626392882cc25b4d891afaa68afd4 454d7abdbc2548d04feb95436ea0ab4126b4f00b ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /wbpage5/mvas-puzz/clip_footer_3.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/png
content-length: 2460
last-modified: Fri, 03 May 2024 03:18:30 GMT
etag: "99c-617842c8d7d2a"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mj36DEXKSlbED%2FWVUjmMANPOhKFz9uR5ELJ4ZraONjRG9oipJAI9MS8a8yQifcAIAzwAQQuksgbYZX7W692XOg86LJ0wuasA2OoRiJRzuM61w9BAOEJ65PjwOZRtSw6hnJ6MsVTBFMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/clip_footer_3.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e0887b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de12.jpg | 172.67.198.239 | 200 OK | 1.2 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de12.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hashe02d7580ec0d53ca837c8c5711cbfe44 5807f265051d386e95f282be3f0d88245034a04d 10847ef1fc4edf2fa0c90327d9ee0a971112ad38d605b893da775871993d6a40
GET /wbpage5/mvas-puzz/de12.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1164
last-modified: Fri, 03 May 2024 03:18:34 GMT
etag: "48c-617842cc15e71"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCh5a9CWHGqPa1lW7YR4mlUUuBBcrAKJA9DygikY%2BQVmXpQyFYVyONTS2jb%2BODtyA%2BSR9q3x1ZX1A6epunxY4DlOZAOmqlCUSm8UbiohJ2yfOxC%2B9x2QcZVtLILLMgNfKWr8GIo5fWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de12.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df871b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 | 172.67.198.239 | 200 OK | 11 kB |
URL User Request GET HTTP/2fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 IP172.67.198.239:443
CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (307) Hash9ef056894be6901204cbff276e77c44e eea1e7a68d02e6f0a9e8a0f84ac82fb691e1c68d a9554b2bd98705fc7bec67a42da973c2799a3bd14095c8acdb1af8f0eeb2d357
GET /wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 03:18:45 GMT
cache-control: max-age=604800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k81gTDmLJXzyjeLcozMqbFUyLojtS8AwDKbVE0PMT2PxYz7hs5IRXRHzQvoh5F1lpOwEKkF9cGUejh7YmYvM0BYc2TgDAaxEVGqN05rnZjn99nktQDYL6rO%2FLO74Miv3%2B6vOI9kJ9RY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
server: cloudflare
cf-ray: 88030c8a788a56cc-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/notify_2x.png | 172.67.198.239 | 200 OK | 229 B |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/notify_2x.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced Hash73957661478e076d53f7bcb2a074e08b 6a28fb246591664cfc48ab67a8e3e3f1d40fcbfb 7e4f0f1f8fedda8305c75c67df14a351fb9e02e616564aea4cd904d56810f1b4
GET /wbpage5/mvas-puzz/notify_2x.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/png
content-length: 229
last-modified: Fri, 03 May 2024 03:18:50 GMT
etag: "e5-617842db82a40"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bu5c1WWHYFf719U9w%2B1UFbRX8VHK2u%2ByUh75i78KetkazvTi2zOiukXIyJ28pV%2BipdQss45zLPGKq%2BiaIJ%2B4RZORFVgjaxNOSuOq6gLlkL2ciVREFGb1%2FdVy3DhltOWlxNIY2tvyr0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/notify_2x.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8f2a7ab518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de14.jpg | 172.67.198.239 | 200 OK | 1.2 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de14.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hash52a70d606ccf4d564d7939d6b6c87a5d 6bcade549a33f0dfd4820c26777bcafecf52d063 039a9b733f0315e7cfd28e9b36a5b5be4c4678cb74116aa8d32f835b7b18a00a
GET /wbpage5/mvas-puzz/de14.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1213
last-modified: Fri, 03 May 2024 03:18:36 GMT
etag: "4bd-617842ce1c36d"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EN%2FOnqYT%2FYkMDIUFJS%2Bk5%2BFtpk%2FgQ1D8gXYD51jBKg01b6rPBqoqos2haMquq8xJfzdpnxsn1a%2B5MxbTEOp2DFj6oi%2BAVGc6zddT%2BSwR1Gvl3xJQktVin9yhlFd%2BAgFSdIndRrjHeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de14.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e0877b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de13.jpg | 172.67.198.239 | 200 OK | 1.2 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de13.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hash42793316aff38c7bc3370d00a2d9874a 1241bc28d6a4e82026ded036b202f6900e12b0ab 9cf4dc00d3de4c197937851609f97a261a4a4ff5360535fedb01da436a49404e
GET /wbpage5/mvas-puzz/de13.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1180
last-modified: Fri, 03 May 2024 03:18:35 GMT
etag: "49c-617842ccecbf3"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxb0FyPbX3vfQ2AuxIH2A7U%2B%2FwhepaNmb9jJuUjZKs%2B17314KKpVaTJ1vw5%2B%2F04%2FYSLnSkpE7s%2B%2Fzz2kL6rq%2Fuz9%2BpjCv6bMwMnAUaK%2BTesbiCb7Z8M81HaG0ZOmEZOkHSPpC092Xdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de13.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df874b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/i13pro-g.png | 172.67.198.239 | 200 OK | 6.5 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/i13pro-g.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 200 x 236, 8-bit colormap, non-interlaced Hash90e9c68f4bdc955fa8c06358e1bf36cd 1cdcf3eb79b36980343cce18593568f6aba2483a 25f41f616a456f289f5f4f4b5c8485280175be6b63b7364bc2aac8b150901cf6
GET /wbpage5/mvas-puzz/i13pro-g.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/png
content-length: 6509
last-modified: Fri, 03 May 2024 03:18:41 GMT
etag: "196d-617842d2f08b7"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u697MCmtfRy7OH9OHZL0TVUzouIrkPgW3%2BeWG6OhuM4u%2F%2FbT0Dpb%2BoNeG75Qj7yBmEr%2BFVsB3WMw8SDIth8kQ0wcigW6Lw2m7EqPuGDd%2Fy2jnqbNuC75OzhkWNNQ0wNvrbGAazssU6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/i13pro-g.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df857b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de11.jpg | 172.67.198.239 | 200 OK | 1.2 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de11.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hash13ff3666a22af90780602dcbd1dccd63 9cbf1ae139dfc534789081f6d900904ccb027452 773a5077357ad5c822ce93b52781f24a20f37533532c0cf999abbc42ba5fc55c
GET /wbpage5/mvas-puzz/de11.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/jpeg
content-length: 1237
last-modified: Fri, 03 May 2024 03:18:33 GMT
etag: "4d5-617842cae72ae"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVtrVmYux19SUz%2BdgPJiXY8xLYI7OzsOnDMiSlB1x%2FG8oAPY75bR1yu9%2FRz66q2NWY4DIZQrBRl4aoEJziQceHVE%2BAEmWza1KVNMKJrJVnYGLVUUe4b6jfT8fI0uhnLhtG93hp82Ch4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de11.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df86cb518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de17.jpg | 172.67.198.239 | 200 OK | 921 B |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/de17.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hashdc72cc9f4c14bb894dceb598ff40c15c d69f87574bfa835b2630b5b121a4eef88a79cf27 7173537aaaaadaea9eeb65559c8d6104fe9cf5d09a65d4024655ef01b58ee96e
GET /wbpage5/mvas-puzz/de17.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/jpeg
content-length: 921
last-modified: Fri, 03 May 2024 03:18:39 GMT
etag: "399-617842d0e0393"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoWAjmXxOZ1o3veRPlXz1wMHnu%2B56BxxTfqQwZ20NKksbfnVoLk%2Fcat%2BTbso9f4eD9Ijo2p0OKggLzTPC7Cx%2FSeVnOoySr2Dp0AekM92c4h2UXsgij%2Bsiyzi2rJx3Tp%2FfKdY6sklRdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:52 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/de17.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8e0884b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/like_user_2.jpg | 172.67.198.239 | 200 OK | 1.1 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/like_user_2.jpg IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3 Hash1242cc036190a4601d91ccd6a8e8f3d4 d01959cff8a2f82c342e4f874cb607d7b9ed631b 4594a6563171078094efb91a0c71b0abf1790877f0ce2de308e8f52a07ecc262
GET /wbpage5/mvas-puzz/like_user_2.jpg HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/jpeg
content-length: 1060
last-modified: Fri, 03 May 2024 03:18:48 GMT
etag: "424-617842d96b3d4"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MiZ1UWjDd6iRcM1AZCBpc9ZNLNpWzdOVgkKFDEvau55kKAnUvrhRjI9pZLzh39Naj6nhLyjlLSathApwpwUyqCOOKoraPwkJZdhgQcpkblpcblg%2BT%2FlvGJD7OOK9W5VJ1TnZ47sylo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:52 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/like_user_2.jpg>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8df86ab518-OSL
|
|
| gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=fl2.hearteningindependentvisit.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ee8213a4-32e3-4cfd-8693-48f993cff3ef&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=fl2.hearteningindependentvisit.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ee8213a4-32e3-4cfd-8693-48f993cff3ef&action=prerequest IP139.45.197.251:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectgauvaiho.net Fingerprint7A:BC:57:20:5D:99:49:16:5F:C9:C1:4F:27:AA:47:0F:D8:A8:FA:57 ValidityFri, 19 Apr 2024 05:44:25 GMT - Thu, 18 Jul 2024 05:44:24 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4984707&is_mobile=false&domain=fl2.hearteningindependentvisit.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ee8213a4-32e3-4cfd-8693-48f993cff3ef&action=prerequest HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-length: 0
x-trace-id: 2c5dbe69146f83f51a2fb7e3a7f1a75c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1028
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0b93a9ce229215e06d1f942e2f25afae
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1031
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2a0ff2773b3a924906592e6502be6cc5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1030
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 94822b942c2161992e42e12a821f209e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/action_icons_20px_2x.png | 172.67.198.239 | 200 OK | 1.7 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/action_icons_20px_2x.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 40 x 360, 8-bit colormap, non-interlaced Hashb699975b5fe73b087e711a33ff24ee1e 0e33cc5c32a5e7d18440751e3946076664caaf53 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /wbpage5/mvas-puzz/action_icons_20px_2x.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/png
content-length: 1726
last-modified: Fri, 03 May 2024 03:18:28 GMT
etag: "6be-617842c6dfabe"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GdVmqLzWVksLXuJlVQ9ThHUm2l4euhg20oN6arJgNTUIjshjhVjcLxdy7tnbl6mjTo7I1fYVh42kVHS%2B8k%2FsxclfqUgRK56ExvtTfKAcjmEyCFMyZlXCA3uqBrIoXnPoQOsUvw9Ry8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:52 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/action_icons_20px_2x.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8f2a7eb518-OSL
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fl2.hearteningindependentvisit.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://fl2.hearteningindependentvisit.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/menu_2x.png | 172.67.198.239 | 200 OK | 124 B |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/menu_2x.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced Hashe614233745bdb9fc434ddceb1ba4e5f8 842918e4e230355aa8be6e403acaa7b72555eea2 8e55de51909170ccce3525493c86703c2413e73c890d17392548a02c3100ecf2
GET /wbpage5/mvas-puzz/menu_2x.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/png
content-length: 124
last-modified: Fri, 03 May 2024 03:18:50 GMT
etag: "7c-617842db4cee0"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTN08H0Nc7xLM1hl4J0uW4tNXvZELsFkzNoAze4GbJrqMiLMdarasBy%2BFw42yh4ZLpxIDX8WMZmB%2F8CcxnQ3Y5%2FtZLpNK2yiMTFyRrjUN%2BRmALFbYNaiQFPm7b6PjvCdEHU%2FmeXj4mU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:52 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/menu_2x.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8f2a72b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/comment_action_2x.png | 172.67.198.239 | 200 OK | 641 B |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/comment_action_2x.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 24 x 120, 8-bit colormap, non-interlaced Hashe9b3872b3e63e19728176d45f0aa6986 b638f89d5d80c4cd65327da973c52f778e30bd55 a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /wbpage5/mvas-puzz/comment_action_2x.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/png
content-length: 641
last-modified: Fri, 03 May 2024 03:18:32 GMT
etag: "281-617842ca08ffd"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQNiVJmb7Gqu7HBx0jImzJHT7So9SP0YA28XnPBmIAGCztwRRUPKglYBbHd9HqtmOyzLgYK67kFMCxvU6%2B%2BHMBkzOF3ME%2BCVd1mOdxleOIXKexO6LageYiNpBBQrDRzU%2BB0P5uKCjEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:52 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/comment_action_2x.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8f3a8ab518-OSL
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash6b28886b660ed06007bc6cd178bf471f e7556fea63422811da65945b2ad4b08bdc5ba902 ae9e57dc1ffed87a737ec1d8fabcb1530b1c51d19f222374b6ceb4334cf97fb8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1631
Origin: https://fl2.hearteningindependentvisit.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://fl2.hearteningindependentvisit.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/i13pro-s.png | 172.67.198.239 | 200 OK | 7.3 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/i13pro-s.png IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typePNG image data, 200 x 236, 8-bit colormap, non-interlaced Hash2957d5b059f1cefecf1a2bea506d36e3 3c87cf6a0cb5fd340ab4a799d3083607dc423c6e 6b37571a9020c444cce2ca73e37966b9359d1e9f8f91135f1b2b6bc2780539c2
GET /wbpage5/mvas-puzz/i13pro-s.png HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: image/png
content-length: 7279
last-modified: Fri, 03 May 2024 03:18:42 GMT
etag: "1c6f-617842d432911"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BJmLXOUJ0GMVtUt0JdLooWcCt%2BolzWYnPa%2Bf%2By%2BnXl49cquzI5hg8WRZlLM%2B7F%2FcWVqnceRfT2ycckG5F5JyKyVsBQnggDkCufStNApQKGAEzMxzcSO0Hr0%2FOFNeIkdEYz9DtNSUMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/i13pro-s.png>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 88030c8de849b518-OSL
|
|
| fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css | 172.67.198.239 | 200 OK | 11 kB |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/clean.css IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeASCII text, with very long lines (11143), with no line terminators Hash8b9d3eed44573fdb1858e94077ef5e2f 43bd09dc7afd1f1224da6bc09c2ff066bdaf3fdd 59db3ae0bdc235b78511854ea6e0d9b542bf170852bbd6a1eccceca25d78fba6
GET /wbpage5/mvas-puzz/clean.css HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:51 GMT
content-type: text/css
cf-bgj: minify
etag: W/"2b87-617842c799380"
last-modified: Fri, 03 May 2024 03:18:29 GMT
vary: Accept-Encoding
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBSrte1r12XcbHzdi4E%2B3jgobfSRuPXXpyqbfiR2cw6hgSdlJhjd4K0JmqOlUPSRVRTcUlRFnHmm8Pc3SqSPjJIqDRYkFNbn1Aqu0Co9Pf8DmHLQ5JQjS%2BUDBZ4%2Fum2OX40gvYDyiEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 17:49:51 GMT
link: <https://sec.movienightowl.com/wbpage5/mvas-puzz/clean.css>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 88030c8de843b518-OSL
content-encoding: br
|
|
| gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js IP139.45.197.251:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjectgauvaiho.net Fingerprint7A:BC:57:20:5D:99:49:16:5F:C9:C1:4F:27:AA:47:0F:D8:A8:FA:57 ValidityFri, 19 Apr 2024 05:44:25 GMT - Thu, 18 Jul 2024 05:44:24 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
GET /pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:49:51 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fl2.hearteningindependentvisit.shop/favicon.ico | 172.67.198.239 | 200 OK | 70 B |
URL GET HTTP/3fl2.hearteningindependentvisit.shop/favicon.ico IP172.67.198.239:443
Requested byhttps://fl2.hearteningindependentvisit.shop/wbpage5/mvas-puzz/index.html?td=www.thebuxfiles.com&cep=kzswhr-BrzJZzUH9iSRnQ58kxY2dmcoIXdi9pVcr71Jk0MvULAS3LEcMTMFO05b7VK1Hkrztl4Q1iVyOV2DsuWQw4SLZXdZ7VIZ8x6oisFhGlYHn2GOuhcqVdCa6__9BiDDf55g279sU0R-ZgpAwZaFuPcoH3vBizNyeEUoSnALhbSZ4Mq7nqaeR3tAvyg2_sij13Vmt7S6OiwSlBSy77N0cYL7dXjK216FOCIwrTmpdQgYWJWDZQcHFzXc52clrbqxf5iPSblOkex3ygcvp_I8j0mo71wiKw7OYIWwCmZaYT53FfW3IE3qIPMlrgu9lom455shOiCWPzLvdRs29xKZAIhIR9ZiCJECXEeh3ZzLdcu8emFRB6vc6uCEyoQKysp-lmmLNKmCtZx-8RHYrWqT-ZHR5fbW0JWtzDxGES63t6gy2z4qv433dlnaVU5fxWuUAQu-9sPbit56Qj8kc3gGCGxjY5ZHQP6tHANhRpvCZy4ukMyZkffrCywQ_866-EoUjRMsu_S3IeG0RbUBZUQ&lptoken=173815a8109c597a4623&zoneid=1750010&campaignid=8166576&bannerid=20943000&osversion=android14&os=android®ion=46&visitor_id=811768222033387520 CertificateIssuerLet's Encrypt Subjecthearteningindependentvisit.shop FingerprintE9:CF:9A:44:BD:9B:F1:0D:4C:B4:3C:9F:A3:5B:5C:CF:C9:C1:EC:6E ValidityTue, 07 May 2024 15:46:30 GMT - Mon, 05 Aug 2024 15:46:29 GMT
File typeMS Windows icon resource - 1 icon, 1x1, 24 bits/pixel Hashaf313b2c3bd6b72fe7a7d681a9cf3a04 c6ea50672f298c06bca3f5a591b78edd65822dfd fdb7444ecc2b7ee09abb9659a1c3123f7f5d6ef53c53638f7665eaa905f0c7f3
GET /favicon.ico HTTP/1.1
Host: fl2.hearteningindependentvisit.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:49:52 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 04 May 2022 10:33:34 GMT
etag: W/"46-5de2d28462a14"
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVrJEz%2B2%2FK42LTh9lpGSyYCkldsA9LV767JsMejrXjeeaMId%2BARZCoWGyMa6nSl9Ol5oY9tK17BFsjoKNDTwO4AisrIlZWerGAI6GdvSEPrjkqTaaYjONkgRvX1exT8RR03Shgxv5H0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 May 2024 00:14:09 GMT
link: <https://sec.movienightowl.com/favicon.ico>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
cf-cache-status: HIT
age: 149743
server: cloudflare
cf-ray: 88030c927907b518-OSL
content-encoding: br
|
|