www4.fusionmovies.to/addons/img/logo.png
104.21.69.70 35 kB URL www4.fusionmovies.to/addons/img/logo.png
IP 104.21.69.70:0
File type PNG image data, 1024 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5) 07b4e242a65bb25b2eefa32ba67f2874
Hash (SHA-1) 7db2adce95658b5795f66410c9cc75d8a2d701cd
Hash (SHA-256) 2be2ab5c75d2e870641c1a5235c28a2c4ba5bcced5a20b00be2becba34d10775
GET /addons/img/logo.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 34825
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-8809"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1003263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmePcHLXUCDcgzo9ClECjbUJ1FqJ9DoPt0HvTwJOT1O5Rkv0WCe%2FGkzOjtj%2FvJMU8XMECXXxkzJyHHUbUspAUrSh%2BVQLGbT4%2Fi2YgKjoia%2BhIBmAQ0%2FVoeaSYPjMHWzM6JT9zrLhQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2e9e98a56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/logo-sm.png
104.21.69.70 83 kB URL www4.fusionmovies.to/addons/img/logo-sm.png
IP 104.21.69.70:0
File type PNG image data, 678 x 301, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5) 3f005188ff4d2451bcd39ffad4da8063
Hash (SHA-1) 1c5f83b0dea45af5cfb0fc381b96f782c1e1cddf
Hash (SHA-256) 0e5cfbcf4d5838cca4358a61a8f780aa3eda9db7dfb4ceebcf3ba9476696a132
GET /addons/img/logo-sm.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 82788
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-14364"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 763086
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qfAf8y2r0DZmrKSA51scN0DdQGZl%2BqwKh0wocuEJbAs7D58zOw7Q5MlcwtAgd40vu2EVV3qbJfB4tcCqJ0fJe0HScTmPvRpSTXCdcuYpJWAtbBiM%2Ft97EAENabTedAPYwzxbeqRqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2e9f98b56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/virus.png
104.21.69.70 3.7 kB URL www4.fusionmovies.to/addons/img/icons/virus.png
IP 104.21.69.70:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5) 52c51e433104de46289ad51755af9c8f
Hash (SHA-1) 0381ea156d047fa712fbe263bf1c5fe4be828512
Hash (SHA-256) bbcd86bbda63d26d9d885000eaabdb6dd15eb0d3dc8580f2a2598618d57ec1a2
GET /addons/img/icons/virus.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 3706
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-e7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 11791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPwGlkji%2FxddrXrkVwiQWn8c60vQanzYpLUO27U4Qm3J7RAj5mSWnVJNncuHbwy%2Fvb%2BvmLsJ5%2Bs9si0fQqTypNNb1zeYt4uSnvUTytJgfGp4w0CiYfEsw44T%2FV1AqcR0UbzCZBX1gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2e9f99856a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/loader.png
104.21.69.70 1.4 kB URL www4.fusionmovies.to/addons/img/icons/loader.png
IP 104.21.69.70:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash (MD5) 2bdbcd2dd4750177c150956b53249242
Hash (SHA-1) 627856c1a9cce226dec6a88c3bcf1bf40b4f0409
Hash (SHA-256) 66f84960c17863412620de45268f75dc62d58d6d2e310834536cde291cc7e5a5
GET /addons/img/icons/loader.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 1428
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-594"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 19309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28l4J5dZgSrwTw%2FzcrpcRlziNI5ieuyxQ7bpHpqH6bBgdeYXFK2UjQRUN356k9hpfXfGOwiQ2HX2y5Tah0GocSEr4v3R3UXl3slXEgR6iimnB%2BNoqgTCKB2CUgXXUfklhX5GmYkdug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2e9f99956a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/actor_placeholder.png
104.21.69.70 2.4 kB URL www4.fusionmovies.to/addons/img/icons/actor_placeholder.png
IP 104.21.69.70:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash (MD5) 01aa88a89fe4016d5a61f57b0f71f82f
Hash (SHA-1) 4ea2110dfdbd558defb126f9ef6b8b4727dac747
Hash (SHA-256) 07e2f79636ba367e3f5af3cc84407fdb41c7aafc1f50cfa6f9187c940c32b047
GET /addons/img/icons/actor_placeholder.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 2376
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-948"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1003263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY5UV%2FO45k306VfOeP3A4s3hyKXYU2XgcXKXKC7Iwjobn1WJl1YncCk5jmyXwwVW4u%2BdHUa78OjFhFIGTSOYEh18aVqs9zBowbp8X0S7hK0fxQrY4LeojN%2BXcGZjpWFVJdDEp1U4vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ea29af56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons//img/icons/user2.png
104.21.69.70 1.2 kB URL www4.fusionmovies.to/addons//img/icons/user2.png
IP 104.21.69.70:0
File type PNG image data, 64 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5) 613380459ed2c3b680f8de8f0c7159db
Hash (SHA-1) 6dc7f070f7e78d7cda313f1cd49aaf5e21405621
Hash (SHA-256) a5579a91383657ba3b212d3c5b0cc27203c237f0267a48f874394fec86398b0f
GET /addons//img/icons/user2.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 1243
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-4db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 506150
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owNWfzUZN%2B%2Fj3tO%2BPgmUMHo3t22qXiWasPIcXAAW%2BaCFAUbs%2F0Q%2FhyrAZmHOk6cnPo9JWNIG59l61bo4B3gsxTuvOx3oo0x7HsXeg1Yg3zOZxYsUKXPkhp4Bu3uvz2yw8SBs21TCDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ea29ae56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/hero_placeholder.png
104.21.69.70 6.3 kB URL www4.fusionmovies.to/addons/img/icons/hero_placeholder.png
IP 104.21.69.70:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash (MD5) 489c5632775dd2cbdab98201624b97a3
Hash (SHA-1) 35698c8c7a408358ffe0c2f1f7c0f146bbffb598
Hash (SHA-256) f41df68487cc754e7c9959985a933d5bf91ab87c76983eb6e49dd49cb8526e9c
GET /addons/img/icons/hero_placeholder.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 6322
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-18b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 640596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdCrj6bRUnD6crdInUlDcT%2FBkSgm%2BOLuxJ%2BjgNR3ECwXLbg%2BZDKwXGXkxoQ8MO8T6k%2FcTgDPVvhTVbazka2EZ5OzD%2FRSN4r9%2Bs6pQDiEiVj1Mxxt%2BlOM8XkxTm76BDmwgoWdybCv%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ea29b156a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/gallery_placehorder.png
104.21.69.70 1.2 kB URL www4.fusionmovies.to/addons/img/gallery_placehorder.png
IP 104.21.69.70:0
File type PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash (MD5) a0e712b530d832afc2c6fd70f0534c19
Hash (SHA-1) 8ed289995212d78b53e356a4b5959fb20f253a7f
Hash (SHA-256) ad9984393c19193ef845c7127fa0324e1491c29aeafb3a81fe26006597f5f057
GET /addons/img/gallery_placehorder.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/png
content-length: 1171
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-493"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1003240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvMIxvcJKKwKXX0A3Uavd9nUalTVGfbor9x7G7xC8pUxmjrF0oBt2SaxsBFBk%2FxLhL%2FN6nNOwFW6L%2F45lJIzUgfWCqhHi1CxLlG24FBydy2Fj%2FLe88oibO4WylzY1O5Sal6GMkV0gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ea29b356a8-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.6/lottie.min.js
104.17.25.14 55 kB URL cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.6/lottie.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65109)
Hash (MD5) e5f222214a9f62042d9625760be15e4b
Hash (SHA-1) e249e0c6b3b66335a751ec188a246f880765fe5d
Hash (SHA-256) c4db144321efbe62d33923077d356ee2fdc097848ebba3f1e1396027122b2d48
GET /ajax/libs/lottie-web/5.7.6/lottie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 54976
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6003bd85-3ffb4"
last-modified: Sun, 17 Jan 2021 04:31:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 754535
expires: Sat, 23 Nov 2024 23:17:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y5lxZNf5BicEX4mGxBMDUGO%2FERuWMYIXx6WIRafToDwP%2BTB0%2FOVYyhqT6rjBrI%2FdozdFTcgqjpazT7EnaG5iuO3iZg3EO8vOtz7aLAbB9oVAKy1FdJAxgvldWDm1RJkXcbXdjNx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8307c2ea5e4856c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.fusionmovies.to/images/movies/_eGkcUtGLpEwwl7zahBFd5PT7UeD_O4KDiII84HXFuJFu-9i6GZEpqT6CKQf5oe__6cypG1bFOh0KMyrzUlqM4aSRmUyyRj_7_S01KyRQnY.jpg?1
104.21.69.70 50 kB URL static.fusionmovies.to/images/movies/_eGkcUtGLpEwwl7zahBFd5PT7UeD_O4KDiII84HXFuJFu-9i6GZEpqT6CKQf5oe__6cypG1bFOh0KMyrzUlqM4aSRmUyyRj_7_S01KyRQnY.jpg?1
IP 104.21.69.70:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x600, components 3\012- data
Hash (MD5) 3db08561534c0f5d11bd8fd5735fb21d
Hash (SHA-1) 48e70e41e29f6f6bc1aea4c1c2856cf46d0237c3
Hash (SHA-256) b2f2022d8bed338a38ff12bd3c03abcec780eb938fc1c2afac5088646271d0ad
GET /images/movies/_eGkcUtGLpEwwl7zahBFd5PT7UeD_O4KDiII84HXFuJFu-9i6GZEpqT6CKQf5oe__6cypG1bFOh0KMyrzUlqM4aSRmUyyRj_7_S01KyRQnY.jpg?1 HTTP/1.1
Host: static.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:11 GMT
content-type: image/jpeg
content-length: 50341
etag: "5c347d6b-c4a5"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
expires: Tue, 03 Dec 2024 23:17:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9UI%2BZkXu8noZEmVLlyjvUt4j%2B0%2FH68NjJwoypb2zzosHdQEHafiA8qYjWPm%2Bn6gxXpfS4%2BPtC2koSDMkpKwKJnQrVillHMRbA2tl5fPAiKC81mucEhEEW8QHPkbqGOUWuHRy9rcdwQx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ea39cd56a8-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=UA-111313284-1
142.250.74.168 69 kB URL www.googletagmanager.com/gtag/js?id=UA-111313284-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (4179)
Hash (MD5) a9ea9f3eccaef02aac7ffeeea5e04438
Hash (SHA-1) d746f5b613d2b0e5624ca9b6fb7793d7202184ca
Hash (SHA-256) 18d6688bee51769786b1379ba7fdc0cf2d5835f92a570748c13cf4f195cef007
GET /gtag/js?id=UA-111313284-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 23:17:11 GMT
expires: Mon, 04 Dec 2023 23:17:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 22:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-SJHQC2SVWN&l=dataLayer&cx=c
142.250.74.168 80 kB URL www.googletagmanager.com/gtag/js?id=G-SJHQC2SVWN&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (4179)
Hash (MD5) c79ab6ecf83b891741f78d5be9c7e65e
Hash (SHA-1) 7d8b6dffc179982f97aab88042280223a9d70782
Hash (SHA-256) 67f7a6dead0ff8164bdaf2194569a328f2c774f48de5832204e4a169361f506e
GET /gtag/js?id=G-SJHQC2SVWN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 23:17:11 GMT
expires: Mon, 04 Dec 2023 23:17:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ezexfzek.com/2bac96d46c8a2a71fcaaa04943f076df/invoke.js
192.243.59.12 9.4 kB URL ezexfzek.com/2bac96d46c8a2a71fcaaa04943f076df/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25430), with no line terminators
Hash (MD5) 67c46fa359601a80ac43c35e57f75396
Hash (SHA-1) 60ffb37a277e322cdf0d7331ad326f4cf43ac7f5
Hash (SHA-256) ff86e81962e1cf3f78ac8bfa29fc82aea93d06e3c0ce223534db9727691475a9
GET /2bac96d46c8a2a71fcaaa04943f076df/invoke.js HTTP/1.1
Host: ezexfzek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8df44549af0f434bbcbdb12592aca559
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ezexfzek.com/82/fe/0b/82fe0b644d03b2da47a79435101845c5.js
192.243.59.12 15 kB URL ezexfzek.com/82/fe/0b/82fe0b644d03b2da47a79435101845c5.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (42811), with no line terminators
Hash (MD5) 0a829ee485cb0e17bc218b9198bee47f
Hash (SHA-1) 762c148af8c3a6f55cbc66ce471be72ec8ded051
Hash (SHA-256) e0a07ab477e8e204b9922e833b9044846be109fbbdd06c398288aeb041db9c11
GET /82/fe/0b/82fe0b644d03b2da47a79435101845c5.js HTTP/1.1
Host: ezexfzek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d59f63d9a0cde59e319f3cbc287d179
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hoo1luha.com/b0/05/c9/b005c98326c3554c8acdc4604221173c.js
192.243.59.12 23 kB URL hoo1luha.com/b0/05/c9/b005c98326c3554c8acdc4604221173c.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59255)
Hash (MD5) 5c90d958afa30e814815da12856ccf23
Hash (SHA-1) 59c71cc9c9cde4e56baab1fecb2742c8032e8b0a
Hash (SHA-256) 23f092f2e579b65d86eea96ccd85611e3b0dbe027fbe2a4dab6f7a6dd16c9f4b
GET /b0/05/c9/b005c98326c3554c8acdc4604221173c.js HTTP/1.1
Host: hoo1luha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_layer=0; expires=Sat, 09 Dec 2023 03:17:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bfd9e4f3a7b17aec1f865e87fceb5fae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ezexfzek.com/dc02b59d2ec7728b715e55ccc7f48ee7/invoke.js
192.243.59.12 9.4 kB URL ezexfzek.com/dc02b59d2ec7728b715e55ccc7f48ee7/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25396), with no line terminators
Hash (MD5) 62c9d0c6da3dd15f613ca18843ee6038
Hash (SHA-1) 47f1e8738f01ac29fc739f390c7c67ce041fb03a
Hash (SHA-256) 91ab6ad3fafaa2684e5919302cc6a67ed4aee5fb192ac4723d67eccf1b44c689
GET /dc02b59d2ec7728b715e55ccc7f48ee7/invoke.js HTTP/1.1
Host: ezexfzek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 245f2a3a6520617ab8550000a7f59ce9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www4.fusionmovies.to/addons/img/icons/tab-ico/generals.png
104.21.69.70 670 B URL www4.fusionmovies.to/addons/img/icons/tab-ico/generals.png
IP 104.21.69.70:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a25b375ac4a5af35bcd1cf7bab0a70e
8483b3c9e83f31477c7133d1bedd86da1c8f80d0
77efaebd4955c08bdc344f2aec5e91091c80900f01b557dd0c9c1825cf24b1ee
GET /addons/img/icons/tab-ico/generals.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 670
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-29e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 666980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8nFMk5nn%2F%2B5g65A2X8qJAddGemeYs4%2BwnWWR5Z69bmiwrWMEmZLjTlUKkBQsmwz%2Bs%2FMFCNGxw8souiB7t9bW1Fen0s0zMzEGYGkPS2zQEu7C8takCKqfrHWnrOkRACRb%2BqlVFw1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef4d4556a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/tab-ico/actors.png
104.21.69.70 3.1 kB URL www4.fusionmovies.to/addons/img/icons/tab-ico/actors.png
IP 104.21.69.70:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash aedc75ac3b3d2b5523f9f158ce42af54
c9910911e36189a0c2f778dcccc9474164fd9c02
0b5b301e9873fde67ba97c7f7fb8413d9a680e80dee6a9b750d4c568456d1740
GET /addons/img/icons/tab-ico/actors.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 3059
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-bf3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 736504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPwywi0%2BOdEV6HABR0Ypizbge6cBfz2JnF36I4x1H%2FMQZ3sENCuMSCFins%2BdJ7zRYxFQFB%2B0D6y6I2sj9DuyXe4Fy6EQyx6atc6cLwcTzByRXQNb7dbI4zMJ%2BjRy9SoxTKMUTTDnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef4d4c56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/tab-ico/character.png
104.21.69.70 2.7 kB URL www4.fusionmovies.to/addons/img/icons/tab-ico/character.png
IP 104.21.69.70:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3869138626665dd13bc5199ed8b3e4fa
773f8e09303a8656cd45d947b68b5b2aef44bec4
01084095a125d8fccfd914dcd6bc9ff9c236c34337a8e1ef790f21bb978c334c
GET /addons/img/icons/tab-ico/character.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 2701
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-a8d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 366465
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQug4PFmK%2FhREuO46YAmIjxYZeNmrdaNmh55jpEFmunUynCXLgIGDcrJcH6lPosYjrVf%2B57xHFiMG3r5xJIivDqX0tqDBbw3y30i0xMiClIAH8kTja%2FFybi5XWpkYHC8l%2BHMw6JLMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef4d4d56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/tab-ico/critic.png
104.21.69.70 2.3 kB URL www4.fusionmovies.to/addons/img/icons/tab-ico/critic.png
IP 104.21.69.70:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d50540c4630d5450f4c247e16cc988a0
b49af22849e7b9c3c0240cb821da78ffd11c8963
f16c8d397b1c92f5701ff1335f2cc61d9240beebe04243525fe65c4b171c13df
GET /addons/img/icons/tab-ico/critic.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 2274
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-8e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1026200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnpBL9%2FiR3bB%2FE3u2IRTJkcDbqjFOmXVr2IMeTV9rY6PukpJ96feJ226SQitEhcTZSOFAGI33SZdQ72u7MsNhkPBDxLvzBQiUE6S0s3p8FgQuPhQHbeDS8JqYeppnCTCNp4BzskeCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef4d5356a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/warning.png
104.21.69.70 2.7 kB URL www4.fusionmovies.to/addons/img/icons/warning.png
IP 104.21.69.70:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ed19791044717cf793ff46eda993187
902b6b279ca1d450b16226f7ae5edab9c532f960
4f8a8a91fbb28d34bf9e87c3adea4b06693afdbf198c92eae29a16278361a1dc
GET /addons/img/icons/warning.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 2651
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-a5b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1003241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn5D2TDifnhs33v1%2FfJyVA3eTj%2FZ1n%2FnuHUHiOyADfSUWi7vlg5VR5rBoWB2rVY96T0H8Ib3IGJdqcUQI0Y07DcSjYSKpESJ4CwGtF2WCmk%2FMrPV6nM6Ky6mnabzrMFm9oos%2FTXsGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef5d6056a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/tab-ico/gallery.png
104.21.69.70 1.8 kB URL www4.fusionmovies.to/addons/img/icons/tab-ico/gallery.png
IP 104.21.69.70:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f2f27fbe8f47d931f5367cdd9ff9cf84
d464dd0c0aa96c0e54d0ea60ae02dac96844b039
2633b2b87e7641288198c08336427bee5493a3ab1fb10042c36b3b89a2949802
GET /addons/img/icons/tab-ico/gallery.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 1833
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-729"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1097538
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os9kohJSVuVmIkH7hNeHYQZdn7ptZpHh6o915JaNl7xfKpqMt71D6mqVmxuYeLn85Jdms%2Fa9K%2BzQ23V3zpqu0vx3aO7b7FiBjd4o6U6kcQTNNtEuwW%2FV%2BlaGG4PIs8CJcxQI%2Fr%2FAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef5d5756a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/bigplay.png
104.21.69.70 2.9 kB URL www4.fusionmovies.to/addons/img/icons/bigplay.png
IP 104.21.69.70:0
File type PNG image data, 130 x 149, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c506880a14af72556dd4a374eb4999a
377250417e61e2a4fa3d9eeda27bfd0f515f50ae
5377487f7fe3a0b6b39272a0b6bd7f61d0ad8eea81358b40bff718bff5de04e4
GET /addons/img/icons/bigplay.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 2924
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-b6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 654881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtaPP%2BTVOc%2FWJwRYrM2WrEDQqyghFHvqWz%2BDekidM9SifLzdhQRHjYo3WW9j91b033T9p5IALh3CNb%2F5z6FZ95k%2Bjme09vZ4%2B%2BxxHrR6bsn2OatNmiqWWw94C5TAH4HsP7Cd4NI6fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef5d5c56a8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 24a776b1f2e9d3fff472472cff5e9b16
38a6b9ce7b18c9204f5ace875325ca74c863d1a9
108f3caa2c7db8c122fcea5f02f4f0f1e058d4da8e913dc2b4e8ace4e5a50e81
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 23:17:12 GMT
Last-Modified: Mon, 04 Dec 2023 22:02:31 GMT
Server: ECAcc (ska/F6ED)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iIpWtwdyLaYJGoSgynEuYac2EhO_lmg26hYKxVY4-4VAevTsAT9HvA==
Age: 4481
www4.fusionmovies.to/addons/img/poster.jpg
104.21.69.70 3.1 kB URL www4.fusionmovies.to/addons/img/poster.jpg
IP 104.21.69.70:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x600, components 3\012- data
Hash f083f0f879f2c1560ff6039dabe29d63
78aa125ce261f2f562f4c6a80d6fe1b844931083
ac98153bd39bbb3bcfed164ad1530bf0e7a8618f5919c59074618e51b53fcdb4
GET /addons/img/poster.jpg HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/jpeg
content-length: 3125
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-c35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 752904
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94tWqQRnfp8XFu7m52yVWiK1ijkRkIX0EZc9TX98DvYnTZ6YYoGC%2B6LmdxGHvJD8g3qVKT8C8gY%2F4NV%2F9hAxmTPHTQh8b4CFd7gkX7yfdJLIkSvsmcr7aeQYwRP3OxZlgTOnHQ4FIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2efedd556a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/like.png
104.21.69.70 9.8 kB URL www4.fusionmovies.to/addons/img/icons/like.png
IP 104.21.69.70:0
File type PNG image data, 103 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a2532feebf5f3cd37a998e36c9b809d
b903e7aab51618986d83ccc09a921688584dc1ac
4d8f5e16765ef6a51a066e86b825323f68775b8ec6dfe5dcba2fab370ac0591f
GET /addons/img/icons/like.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 9839
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-266f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 832743
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aooczfazc2VdkiaLi9TR29JHAtxN3VX8BzD6cBgfJPsOh05mho3fyTYl8qjoe8jqSMObXJsQ1EZB%2BJUF70DhuHQue4O5yE2OJH4ECz5unJxTBbtnLNHeR%2FShiqM%2FYNyV9epEULjtRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2efedd856a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/dislike.png
104.21.69.70 8.9 kB URL www4.fusionmovies.to/addons/img/icons/dislike.png
IP 104.21.69.70:0
File type PNG image data, 103 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash af4239198c55e96a5b1fcd47e9c45ee9
df667353d6c58ce63d97b7ac79772c28c002574a
5f16b9111a2a691bf7ae6b6909df8c9918fc1f1a5cf49ecedaa6be94a968afa0
GET /addons/img/icons/dislike.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 8863
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-229f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 399767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW8IeoSfuoNayxkqq5EnePMd%2BvwQ81V72e7LeNocWBkmA0ygxgPwl2%2BMoIODNDS0gdbpZj0tHvcmSnLvhV92rPCtcWE8WK9q1X7IetgexxUHbC45J11tzM3t%2Bp%2Fu9yp2NkZ5Z9ckWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2efedd956a8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 24a776b1f2e9d3fff472472cff5e9b16
38a6b9ce7b18c9204f5ace875325ca74c863d1a9
108f3caa2c7db8c122fcea5f02f4f0f1e058d4da8e913dc2b4e8ace4e5a50e81
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 23:17:12 GMT
Last-Modified: Mon, 04 Dec 2023 22:02:46 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7hpFq6NBPbYtUeOVffWJjmXbVGkqOK8VJ6TP3SusJZRePkNfPo9b0Q==
Age: 4466
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 21b66f0f427bf4525a52d71ed1d5ab99
052f92486a448f189555191e5afe73264ce5712d
47973b689c3c21b5397591fdb2f8e7de6bcdb57ee5a6ed8ec749f924d32d26de
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.fusionmovies.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=9d11de8e-775a-484f-ab67-976aa4ae03ba:1:1; expires=Thu, 01 Dec 2033 23:17:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www4.fusionmovies.to/addons/fonts/icons/open-iconic.woff
104.21.69.70 15 kB URL www4.fusionmovies.to/addons/fonts/icons/open-iconic.woff
IP 104.21.69.70:0
File type Web Open Font Format, TrueType, length 14984, version 1.6553\012- data
Hash 3cf97837524dd7445e9d1462e3c4afe2
9536808d830d8a28b4ca28c6f2fa8b1bd2937a55
7193ea5654497d2356d0a690e3e50f39767fbff4335e57a3443c1435d648a1f2
GET /addons/fonts/icons/open-iconic.woff HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: font/woff
content-length: 14984
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-3a88"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.9:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMVmOU3yxUvB6nwumxxcljJK0m6aNeUxfpvhmdC9%2F9GUGB344VsEGBul2gN4sDrzjBz6R%2FxsPLuBxSo6fB91TOxxRxaB0Imu%2F%2FO1R2eu8kqnVGZZfZo2NOykjkzndhBc87X8Qa38fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef9d9256a8-OSL
alt-svc: h3=":443"; ma=86400
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 5e439b715cdf5246c74c18211ae7e9b0
d7a056f881e050c4db9be1d33e2b1417309854f1
fa5aeb91752f3e79c495afe35c01427154b55e9cba1e8520ce2d8fbe5367699d
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.fusionmovies.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b7385270-9466-44ed-89c6-049541dab4e2:3:1; expires=Thu, 01 Dec 2033 23:17:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 078e8c817a65c49538b395c5b97a3b7c
3ffa21410840dfd4ffcc341cca1ad9bc596294a7
865fbb4d5d1dd230bbe55ecfa6d4900024e24fb4d4855b31e0f8880cfa8a2a00
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.fusionmovies.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=41c15915-a1ce-42ee-a11b-8d7b863814cb:3:1; expires=Thu, 01 Dec 2033 23:17:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash ba227c5dc22ceed03c5754500134607f
64889bd333c967cceb324ba96b55133dc8aa5f7b
40427b13afc54e37157a061bfacf0d94adaee2c8615b185372fb2d9611aa1128
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.fusionmovies.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f5b6b975-8318-4b40-8d29-1f8954290460:3:1; expires=Thu, 01 Dec 2033 23:17:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www4.fusionmovies.to/addons/img/icons/tw.png
104.21.69.70 440 B URL www4.fusionmovies.to/addons/img/icons/tw.png
IP 104.21.69.70:0
File type PNG image data, 22 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash ad968f2c569f8189a0553e25bd956dbf
9e0c1cd3333ebadc2f20f576d35c2c55907ad4c6
8b8e54cc78e0537b1e4a528982d8a7aa770985a3400ef3f66ad0fc78796ce4fe
GET /addons/img/icons/tw.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 440
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-1b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1083359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXW2ne0p7GHrBkqMuBHVZbGkXzBfMuLMrH%2FGueJfqYyfw5xEWppiAUeh%2FdhIgflt%2FRw6DvtCJJQT3aFiL9dx0Y6Cknmr4G0vvtchaL%2FbIXsV5o13T0%2B22FbUJafW9ILEis1RORuDaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f19f4556a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/icons/f.png
104.21.69.70 895 B URL www4.fusionmovies.to/addons/img/icons/f.png
IP 104.21.69.70:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash b0cf8a588b35e7c8ca1b9e29ca878fa7
ed2bf8b9870799b6d9dab586730419d0e753e91b
99868cdc70144ce04cf80bdd6f44cb213bc4c4a80a7ae3f17bec2c17744b918d
GET /addons/img/icons/f.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 895
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-37f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1083359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzaVDUV8EdaqHPjRzTPmDloVx5DaoayxyIbcptFDWFrdwQPd9yBof1Df0nQKDkRnnJxhUQuUMXSzB4jnZhdZ1MJYLIuFqegnJOSDAF2utKV1YCVphCvcF9QorduxvDYsrCTt1X3oUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f19f4356a8-OSL
alt-svc: h3=":443"; ma=86400
static.fusionmovies.to/images/movies/BWmFrIow8SUrEDP3AtH9nAXRSeYwdG7UhwQrsyu56Ccs42i_O1BlOdPpQuuaPCQAgHWDOEoGfcKR77rG14XU6V7y7bX13BuO9sFA-_mO_VE.jpg?1
104.21.69.70 359 kB URL static.fusionmovies.to/images/movies/BWmFrIow8SUrEDP3AtH9nAXRSeYwdG7UhwQrsyu56Ccs42i_O1BlOdPpQuuaPCQAgHWDOEoGfcKR77rG14XU6V7y7bX13BuO9sFA-_mO_VE.jpg?1
IP 104.21.69.70:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 359 kB (359199 bytes)
Hash ad07f5e7831d1ef0a68cb3920aa01edb
cc8b62cab942769625ca7c91c3bffcc55d6ce415
8f4ee24d6079f33b41ebf348508435aee226f63b0a982cf191dac109e390dc61
GET /images/movies/BWmFrIow8SUrEDP3AtH9nAXRSeYwdG7UhwQrsyu56Ccs42i_O1BlOdPpQuuaPCQAgHWDOEoGfcKR77rG14XU6V7y7bX13BuO9sFA-_mO_VE.jpg?1 HTTP/1.1
Host: static.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/jpeg
content-length: 359199
etag: "5c347d6b-57b1f"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
expires: Tue, 03 Dec 2024 23:17:12 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqZlTmm53lLwcGOD2V%2Bjs3PJLl8nxBRXM%2BITX3jxAvBiS2M0ksQAe0Sox1Ja9DGZHJeNZMNOF8A9lz20E6UJXvGZXaP3x7xRcZs6jw4lM1zlsuWjz1v%2FZJvKq%2Fbi%2Fl7r6fDMYS%2BYfGLy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2ef5d5856a8-OSL
alt-svc: h3=":443"; ma=86400
henriettaproducesdecide.com/pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=815&bv=23.12.v.2&tmpl=70
173.233.137.36 0 B URL henriettaproducesdecide.com/pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=815&bv=23.12.v.2&tmpl=70
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=815&bv=23.12.v.2&tmpl=70 HTTP/1.1
Host: henriettaproducesdecide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www4.fusionmovies.to/dist/image/premIcoNew.png
104.21.69.70 1.4 kB URL www4.fusionmovies.to/dist/image/premIcoNew.png
IP 104.21.69.70:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d6e15b1af61d44ea348342e0e4668efc
d9c7b5777e414b7158204be9ccd357bb95418488
34b8c2438292b65db3d71a2d4dcd255f8b6150327b46617a0d794536fefcd85d
GET /dist/image/premIcoNew.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip/LvBrqZlE
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f5b6b975-8318-4b40-8d29-1f8954290460%3A3%3A1; pp_main_b005c98326c3554c8acdc4604221173c=1; sb_main_82fe0b644d03b2da47a79435101845c5=1; sb_count_82fe0b644d03b2da47a79435101845c5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 1380
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-564"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 654923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiu20zVfKdBsLDzzTffuAKQU%2F7vij%2FMYoND33g24lc%2FucSrVba3wl8nGT%2BoPqRcm1TYcuzMn2z%2Fx4oTqsNmqIJirOEF0gMEnLQ2HwaQiYoDzGNKrh%2Fq%2Bj1lOD5T%2BPWwAdrdzUDcZHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f2bffa56a8-OSL
alt-svc: h3=":443"; ma=86400
banquetunarmedgrater.com/advertisers.js
172.67.219.12 0 B URL banquetunarmedgrater.com/advertisers.js
IP 172.67.219.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 82f276492edbfa55528d618ce47a5442
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 23:17:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8rGKHYZ1mmyqmPHHXbuBpzyC0VJiMIYub%2FdIAywa9ywd2tIOnLxpcZVkIUZvOfb2rx5qwrrM5%2FaHhfqjkVZoQe9He5ZgsfVJXlZJqPZHUoql4Dq9LratFJ7LBOu0%2B%2Bgf3WP4paU2ooPrW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f23f305685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www4.fusionmovies.to/addons/img/icons/lamp.png
104.21.69.70 2.7 kB URL www4.fusionmovies.to/addons/img/icons/lamp.png
IP 104.21.69.70:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash c3256b7f816682ed67265ae987db7f26
60eeeb3e7620e1938633a0e1fb63d282e9f1fa87
dc1dfe417ff2974838b109fc3b2058dea235ee98f2b2d0c85aad16fb9a6d2e9a
GET /addons/img/icons/lamp.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/addons/css/main.min.css?v=1618341527
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f5b6b975-8318-4b40-8d29-1f8954290460%3A3%3A1; pp_main_b005c98326c3554c8acdc4604221173c=1; sb_main_82fe0b644d03b2da47a79435101845c5=1; sb_count_82fe0b644d03b2da47a79435101845c5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
content-length: 2684
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-a7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 658962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvh7Pj%2Fn7rY%2Fon8UVbR6xAePqYfRuXtRDZPRb0J%2BkDxO92Cy1FeNvAGTEOlMgG%2Br3iAmtLqOExp3JV7Po4u0lRd4lB22cn%2BoAdl2Z09xBSuB3qIANtqYcdaMoXar4iFM%2FI7wRI4phg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f358af56a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/user/getsubscribe/Wqccxzip?page_type=movie
104.21.69.70 1.4 kB URL www4.fusionmovies.to/user/getsubscribe/Wqccxzip?page_type=movie
IP 104.21.69.70:0
File type HTML document, ASCII text
Hash 0bb4f884131238c7d2a9ec9ad534003a
b1486a2ae37ec890e8a5cc7aa29d38244caf71cd
1e5122534d475451a82235895c98b2b26e30481d1e59d13aa2b8c5c880a92da4
GET /user/getsubscribe/Wqccxzip?page_type=movie HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip/LvBrqZlE
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR4RIo9gCXFCYNERtFBWQxHdpaJV%2BBeZlyhcY3bW%2Bz%2FWz8%2BMgycynmPoz%2Fq0JpIbI3kc6e1dUS%2F4DvsdONDeXVzLYUWBjKRguztnVqfcDzxxofbewURDK361zM%2F3f5EYz1D60SLnjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307c2f1af4a56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
manuretravelingaroma.com/ntv.json?key=2bac96d46c8a2a71fcaaa04943f076df&vstc=6
173.233.137.60 25 kB URL manuretravelingaroma.com/ntv.json?key=2bac96d46c8a2a71fcaaa04943f076df&vstc=6
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (25171), with no line terminators
Hash 1114aae4ed8931bf17f61cb83549e7f0
5fb19955f9da6cf38dc54b8106442b8c878b721e
89796cd7f4f44ab2e4be699d764372f9db0345cd4f1f5aeffeeea2423a5f7821
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ntv.json?key=2bac96d46c8a2a71fcaaa04943f076df&vstc=6 HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:12 GMT
Content-Type: application/json
Content-Length: 25171
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www4.fusionmovies.to
Access-Control-Allow-Origin: https://www4.fusionmovies.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14944260; expires=Tue, 05 Dec 2023 23:17:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Tue, 05 Dec 2023 23:17:12 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Tue, 05 Dec 2023 23:17:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv49=true; expires=Tue, 05 Dec 2023 23:17:12 GMT; secure; SameSite=None
Set-Cookie: uncs49=1; expires=Tue, 05 Dec 2023 23:17:12 GMT; secure; SameSite=None
Set-Cookie: nlec2bac96d46c8a2a71fcaaa04943f076df=[2106764,2007583,2229213,2229214,2229215,2229212]; expires=Mon, 04 Dec 2023 23:17:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9f63df34f184d5b028532b0b7c3fd04
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o3LogdRvAiijbCiIJPu%2BZHJuIfFdY0EYxJ3V3LyUF1VPSlT3dVUdU9PcoouyB48jBdRT503yQbXsLp%2FgCITL0tASF80YOLFy56FZY%2FSswOjBf2%2B79Xrw3vfV5%2FvZGfER0ZPVj%2FQW1IpOtuqee7razLmOrfu8k3X92reZXdNxnPNy26%2FAtN7y%2FdaNe8N9z3BNvRs3fM9z%2Fd8d0EaEer%2B7FiFTA46fq3j1Zr1mt9qom%2F%2Bz23mwFIHvHdGnofk5VPrD%2B5DshHi6Mdrwm6kOnnz3ShTNNUGPb7%2FUbwR6zxGNG1D4yCM9yd%2FQ9uSkK%2FPQcf7kwTQvd0qAQJZEud3H0G8P7GJoLf3xGmgIGIE%2FBnkvRGEGkHSEZi%2BBcmPCcA4llcQR3eWtcnp5hOVVmpJZh79A5mXZOb0BcTRvatK9t0bWmWp1LFFPywg%2ByPI7ghJdoh0y4HMD8HSzyD5b2T20RLiaHfFKg3Ji3F6KUeQ4QhKDECtg6z6pIMsdJAlDiJ%2B4tJWJ%2FS8dhiEjcZ8kzHWaDDWmp%2FjLd5ozoceMlbZGyBNBmBqAGa2kZhtbMgvj1uXYLJfYNcLWO7ApiVxPtxGjxfIBUFuCXJKkEuCPCXIe8UeV7Zuiztc2SzwJ7U%2BqY1iqNPuDt3TaVfEBNQMdpIz8tx4PH9fnMGGOHHrAWWdOd6cY%2FO0Ttt%2ByCilXrPTbIRee46HsLKAtOfGibeqXf3xEElV%2BSkCegirDsGkA5r5oPmwXfdA14fNeQ9b8Q9hZqWOI92TwtZSDa4LJOkM0k1nR52RF8dW3EtfQLCjK3dfOrjov%2FYQzBRITIFP5K8EXXV7eF3nZPe6zi25v5KkMpJbtNrijZSm4vzd98Vmrg1fvGYH373NKqFqD24Kmy7RmMu4a8n3VyXnwixowwT5adGuiWA1s%2BtXMxNnydLqOwuLUWKErcyOQOXxymMwWZKZT38ev89ny3uQZgSTFYiyIzI5kPoQLNmGTaZ3VhMYNeVB4iDPiqGpB9NLJQmUmHIaFLD%2F4cG037G30TUXQNNbiKMCPVOgpwpQNYDNnh6miTm68uCb6nyLQF0YBspc2A2UUV%2BNR1uSl%2FFKSV49f1rBWQV%2FVfAnrDxxRSv0QuHVRRB2grBNPd4Jm52AdnzRDlrUR2pLEX%2F8%2BF8AAAD%2F%2FwEAAP%2F%2Fs8xXF5AEAAA%3D
173.233.137.60 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o3LogdRvAiijbCiIJPu%2BZHJuIfFdY0EYxJ3V3LyUF1VPSlT3dVUdU9PcoouyB48jBdRT503yQbXsLp%2FgCITL0tASF80YOLFy56FZY%2FSswOjBf2%2B79Xrw3vfV5%2FvZGfER0ZPVj%2FQW1IpOtuqee7razLmOrfu8k3X92reZXdNxnPNy26%2FAtN7y%2FdaNe8N9z3BNvRs3fM9z%2Fd8d0EaEer%2B7FiFTA46fq3j1Zr1mt9qom%2F%2Bz23mwFIHvHdGnofk5VPrD%2B5DshHi6Mdrwm6kOnnz3ShTNNUGPb7%2FUbwR6zxGNG1D4yCM9yd%2FQ9uSkK%2FPQcf7kwTQvd0qAQJZEud3H0G8P7GJoLf3xGmgIGIE%2FBnkvRGEGkHSEZi%2BBcmPCcA4llcQR3eWtcnp5hOVVmpJZh79A5mXZOb0BcTRvatK9t0bWmWp1LFFPywg%2ByPI7ghJdoh0y4HMD8HSzyD5b2T20RLiaHfFKg3Ji3F6KUeQ4QhKDECtg6z6pIMsdJAlDiJ%2B4tJWJ%2FS8dhiEjcZ8kzHWaDDWmp%2FjLd5ozoceMlbZGyBNBmBqAGa2kZhtbMgvj1uXYLJfYNcLWO7ApiVxPtxGjxfIBUFuCXJKkEuCPCXIe8UeV7Zuiztc2SzwJ7U%2BqY1iqNPuDt3TaVfEBNQMdpIz8tx4PH9fnMGGOHHrAWWdOd6cY%2FO0Ttt%2ByCilXrPTbIRee46HsLKAtOfGibeqXf3xEElV%2BSkCegirDsGkA5r5oPmwXfdA14fNeQ9b8Q9hZqWOI92TwtZSDa4LJOkM0k1nR52RF8dW3EtfQLCjK3dfOrjov%2FYQzBRITIFP5K8EXXV7eF3nZPe6zi25v5KkMpJbtNrijZSm4vzd98Vmrg1fvGYH373NKqFqD24Kmy7RmMu4a8n3VyXnwixowwT5adGuiWA1s%2BtXMxNnydLqOwuLUWKErcyOQOXxymMwWZKZT38ev89ny3uQZgSTFYiyIzI5kPoQLNmGTaZ3VhMYNeVB4iDPiqGpB9NLJQmUmHIaFLD%2F4cG037G30TUXQNNbiKMCPVOgpwpQNYDNnh6miTm68uCb6nyLQF0YBspc2A2UUV%2BNR1uSl%2FFKSV49f1rBWQV%2FVfAnrDxxRSv0QuHVRRB2grBNPd4Jm52AdnzRDlrUR2pLEX%2F8%2BF8AAAD%2F%2FwEAAP%2F%2Fs8xXF5AEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o3LogdRvAiijbCiIJPu%2BZHJuIfFdY0EYxJ3V3LyUF1VPSlT3dVUdU9PcoouyB48jBdRT503yQbXsLp%2FgCITL0tASF80YOLFy56FZY%2FSswOjBf2%2B79Xrw3vfV5%2FvZGfER0ZPVj%2FQW1IpOtuqee7razLmOrfu8k3X92reZXdNxnPNy26%2FAtN7y%2FdaNe8N9z3BNvRs3fM9z%2Fd8d0EaEer%2B7FiFTA46fq3j1Zr1mt9qom%2F%2Bz23mwFIHvHdGnofk5VPrD%2B5DshHi6Mdrwm6kOnnz3ShTNNUGPb7%2FUbwR6zxGNG1D4yCM9yd%2FQ9uSkK%2FPQcf7kwTQvd0qAQJZEud3H0G8P7GJoLf3xGmgIGIE%2FBnkvRGEGkHSEZi%2BBcmPCcA4llcQR3eWtcnp5hOVVmpJZh79A5mXZOb0BcTRvatK9t0bWmWp1LFFPywg%2ByPI7ghJdoh0y4HMD8HSzyD5b2T20RLiaHfFKg3Ji3F6KUeQ4QhKDECtg6z6pIMsdJAlDiJ%2B4tJWJ%2FS8dhiEjcZ8kzHWaDDWmp%2FjLd5ozoceMlbZGyBNBmBqAGa2kZhtbMgvj1uXYLJfYNcLWO7ApiVxPtxGjxfIBUFuCXJKkEuCPCXIe8UeV7Zuiztc2SzwJ7U%2BqY1iqNPuDt3TaVfEBNQMdpIz8tx4PH9fnMGGOHHrAWWdOd6cY%2FO0Ttt%2ByCilXrPTbIRee46HsLKAtOfGibeqXf3xEElV%2BSkCegirDsGkA5r5oPmwXfdA14fNeQ9b8Q9hZqWOI92TwtZSDa4LJOkM0k1nR52RF8dW3EtfQLCjK3dfOrjov%2FYQzBRITIFP5K8EXXV7eF3nZPe6zi25v5KkMpJbtNrijZSm4vzd98Vmrg1fvGYH373NKqFqD24Kmy7RmMu4a8n3VyXnwixowwT5adGuiWA1s%2BtXMxNnydLqOwuLUWKErcyOQOXxymMwWZKZT38ev89ny3uQZgSTFYiyIzI5kPoQLNmGTaZ3VhMYNeVB4iDPiqGpB9NLJQmUmHIaFLD%2F4cG037G30TUXQNNbiKMCPVOgpwpQNYDNnh6miTm68uCb6nyLQF0YBspc2A2UUV%2BNR1uSl%2FFKSV49f1rBWQV%2FVfAnrDxxRSv0QuHVRRB2grBNPd4Jm52AdnzRDlrUR2pLEX%2F8%2BF8AAAD%2F%2FwEAAP%2F%2Fs8xXF5AEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ada0aaa30573ad622937d13369343931
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.9 28 kB URL cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Wed, 06 Dec 2023 23:17:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
manuretravelingaroma.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
173.233.137.60 23 kB URL manuretravelingaroma.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (59559)
Hash bb6af57cdba58bc7a56f9c1be43ab302
f2ca16702d45e80d594982f22a94749dd5d141a0
d77cd06e1d1de32a19364d0fa655f140cc831f3942c3b2b66579cd5809ff3484
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_new=0; expires=Sat, 09 Dec 2023 03:17:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 84a8d5a93663bc310eca966b79e361ba
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9 23 kB URL cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Wed, 06 Dec 2023 23:17:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.173.31 50 kB URL friendshipmale.com/sfp.js
IP 172.64.173.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a4b962a36a1d64c944efddaacfb83ecf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 23:17:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oy73ADb6nO14jgnQqo6pxPy4q8cBSP0AKiQ%2B9trpoxbdm9oE5C5c81bbvxi49b8HK%2F9Ho8LBpP5cgwUpz2ws0AkSWTCWDsdrU1ZwsNy093hV9oOlTt08CJz63FRGIJRGApXiKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2efcfdf77a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d3/d8/54/d3d854e09baf98769edb56efeed4003d/1588230093.jpg
45.133.44.9 25 kB URL cdn.cloudimagesb.com/cti/d3/d8/54/d3d854e09baf98769edb56efeed4003d/1588230093.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash bdc62927b451fa652d21d87b4045ee66
a2bbaa994e3a90077f2dc6a7c873c2d146a4ea02
2f5425c47ca44114e94a1b45504435fcd6596ae750973035406f2b12e6a6f126
GET /cti/d3/d8/54/d3d854e09baf98769edb56efeed4003d/1588230093.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/jpeg
content-length: 25109
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:01:36 GMT
etag: "5eaa77d0-6215"
expires: Wed, 06 Dec 2023 23:17:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.173.31 57 kB URL friendshipmale.com/sfp.js
IP 172.64.173.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bc9ed7fad905442138db4c9bb58bba05
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 23:17:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeDD9BgSDDzuy9rB2x26ofU4QTam%2FmbouqNGmzYTGYrj%2BSyRVEjmLFLjMXIRHad4Ap5A2BBDRiNRc75%2BGWOLpHTwhCX1WSGDTDI6lFIAxFW9LouZqrP%2Bl7905VLKsvZGbcXRglw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2efcfe177a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.9 29 kB URL cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Wed, 06 Dec 2023 23:17:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
heartsawpeat.com/ntv.json?key=dc02b59d2ec7728b715e55ccc7f48ee7&vstc=4
192.243.61.225 17 kB URL heartsawpeat.com/ntv.json?key=dc02b59d2ec7728b715e55ccc7f48ee7&vstc=4
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16662), with no line terminators
Hash 5f46f0f40dcc3b180b92d4c880b672e9
89c5f7d6663028d7379bccc6501010d8f4cb4686
5e2201ca6eded3f8fe4f580fe865306cf62af80c4c03f69d5e88de0c9407ff42
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ntv.json?key=dc02b59d2ec7728b715e55ccc7f48ee7&vstc=4 HTTP/1.1
Host: heartsawpeat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: application/json
Content-Length: 16662
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www4.fusionmovies.to
Access-Control-Allow-Origin: https://www4.fusionmovies.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14944259; expires=Tue, 05 Dec 2023 23:17:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 23:17:13 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 23:17:13 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 05 Dec 2023 23:17:13 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 05 Dec 2023 23:17:13 GMT; secure; SameSite=None
nlecdc02b59d2ec7728b715e55ccc7f48ee7=[2229215,2229212,2229214,2229213]; expires=Mon, 04 Dec 2023 23:17:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 30f7d6717a211b001c279e7c05f1a0cb
Strict-Transport-Security: max-age=0; includeSubdomains
www4.fusionmovies.to/user/gethead?notif=false
104.21.69.70 4.8 kB URL www4.fusionmovies.to/user/gethead?notif=false
IP 104.21.69.70:0
File type JSON data\012- HTML document, ASCII text, with very long lines (1981), with no line terminators
Hash dfb0fdacd201ba29d9c58a198edf3b1b
39b4917709bf207d04e1f3fbaab381f292e9b302
24032c8711fe609a9c169c8d68535d49647c0b99be565f8f86723cc91bdefe67
GET /user/gethead?notif=false HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip/LvBrqZlE
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMsVbvlUihj7RHaAe8%2BntL919KjFqF%2BWTDNocGDeCu35joTc2bDmZX4AEIcktCiyev1QMAPkhV44GM2GlyZVCTYuCpt4lbZKAsT%2FV65gQmWaak6gJwR%2BHEyOOk%2BzFub4nfc3Ppl%2F8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307c2f19f4156a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o1h0YuKF0G0EVYUZNI9PzIZ97AY10gwJnF3JScP1VXVkzLVXU1V9%2FQkp%2BiK7MHDeBH11HmTbHAN6v4Biky8LEEhc9GAiRcvexaWPUpPBsb9oL8f%2Fb7De%2B%2Brz3ayM%2BIjoyer7%2BktqRSdaVQ899U1GXOdW3f5put7Fe%2BKuybj2foVt1sm03nD9xoV7zX3HcE29EzV8z3P93x3QRoR6u7MCIVMDlp%2BpeVV6tWK36ijax6fbebAUge8c0aeheTDJ9bv34NkA8TRj9eE3Uh18vrbUaZoqg06fP%2BDeCPWeYxo0obGQRjvj7eh7ZCQry5Ax%2FtjBdCd3VIBAjkkzh8%2Bgnh%2FTBNBZ%2B%2BcaaAgYgT8KeSdAYQaQNIBmL4FyY8JwDiWVxBHd5a1yenmOUpLdEimHv4LmQ%2FJ1OlziKPv55Xsuje0ylKpY4tuWEB2B5DtAZLsEOmWA5kfgqWfQPLfyczDJcTR7opVGpIXI%2FVSDiDDAZTogVoHWflJB1noIEscRPzEpY1W6HnNMAhrtbk6Y6xWY6wxN8sbvFafCz1krKTXQ5r0wFQPzGwjMdvYkF8cNy7DZL%2FArhew3IFNh8R5fxsdXiAXBLklyClBLgnylCDvFHtc2aot7nBls8Af1%2Bq41oq%2BTts7dE%2BnbRETUNPbSc7IMyN7%2Frk0hQ1x4lYDylqzvD7L5miVNv2QUUq9eqteC73mLA9hZQFpL4wUb5W3%2BvMBkrLyUwT0EFYdgkkHNPNB836z6oGu9%2BtzHrbiH8LMSh1HuiOFraQaXBdI0imkm86OOiPPj6i8fPEvCHZ09e4LB5f8Vx6AmQKJKfCR%2FJWgrW73r%2Buc7F7XuSX3VpJURnKLlle8kdJUXLz7rtjMteGL12zv2zdZCZTtwU1h0yUacxm3LfluXnIuzII2TJCfFu2aCFYzuz6fmThLllbfWliMEiNsSXYAKo9XHoHJIZn6%2BOfR%2B3z6t08hzQAmKxBlR2QckPoQLNmGTSbsrSYwarITJNPIs6JvqsHkp5IESkxmGhSw%2F5uDSb9jb6NtpkHTW4ijAh1ToKMKUNWDzZ7sp4k5unr%2F6zK%2BQaCm%2B4Ey07uBMurLIXEvfz4kL%2BKl0uTTMp2V6e9zz608cUUj9ELhVUUQtoKwST3eCuutgLZ80Qwa1EdqhyL%2B8NF%2FAAAA%2F%2F8BAAD%2F%2F8dKa1WQBAAA
173.233.137.60 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o1h0YuKF0G0EVYUZNI9PzIZ97AY10gwJnF3JScP1VXVkzLVXU1V9%2FQkp%2BiK7MHDeBH11HmTbHAN6v4Biky8LEEhc9GAiRcvexaWPUpPBsb9oL8f%2Fb7De%2B%2Brz3ayM%2BIjoyer7%2BktqRSdaVQ899U1GXOdW3f5put7Fe%2BKuybj2foVt1sm03nD9xoV7zX3HcE29EzV8z3P93x3QRoR6u7MCIVMDlp%2BpeVV6tWK36ijax6fbebAUge8c0aeheTDJ9bv34NkA8TRj9eE3Uh18vrbUaZoqg06fP%2BDeCPWeYxo0obGQRjvj7eh7ZCQry5Ax%2FtjBdCd3VIBAjkkzh8%2Bgnh%2FTBNBZ%2B%2BcaaAgYgT8KeSdAYQaQNIBmL4FyY8JwDiWVxBHd5a1yenmOUpLdEimHv4LmQ%2FJ1OlziKPv55Xsuje0ylKpY4tuWEB2B5DtAZLsEOmWA5kfgqWfQPLfyczDJcTR7opVGpIXI%2FVSDiDDAZTogVoHWflJB1noIEscRPzEpY1W6HnNMAhrtbk6Y6xWY6wxN8sbvFafCz1krKTXQ5r0wFQPzGwjMdvYkF8cNy7DZL%2FArhew3IFNh8R5fxsdXiAXBLklyClBLgnylCDvFHtc2aot7nBls8Af1%2Bq41oq%2BTts7dE%2BnbRETUNPbSc7IMyN7%2Frk0hQ1x4lYDylqzvD7L5miVNv2QUUq9eqteC73mLA9hZQFpL4wUb5W3%2BvMBkrLyUwT0EFYdgkkHNPNB836z6oGu9%2BtzHrbiH8LMSh1HuiOFraQaXBdI0imkm86OOiPPj6i8fPEvCHZ09e4LB5f8Vx6AmQKJKfCR%2FJWgrW73r%2Buc7F7XuSX3VpJURnKLlle8kdJUXLz7rtjMteGL12zv2zdZCZTtwU1h0yUacxm3LfluXnIuzII2TJCfFu2aCFYzuz6fmThLllbfWliMEiNsSXYAKo9XHoHJIZn6%2BOfR%2B3z6t08hzQAmKxBlR2QckPoQLNmGTSbsrSYwarITJNPIs6JvqsHkp5IESkxmGhSw%2F5uDSb9jb6NtpkHTW4ijAh1ToKMKUNWDzZ7sp4k5unr%2F6zK%2BQaCm%2B4Ey07uBMurLIXEvfz4kL%2BKl0uTTMp2V6e9zz608cUUj9ELhVUUQtoKwST3eCuutgLZ80Qwa1EdqhyL%2B8NF%2FAAAA%2F%2F8BAAD%2F%2F8dKa1WQBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o1h0YuKF0G0EVYUZNI9PzIZ97AY10gwJnF3JScP1VXVkzLVXU1V9%2FQkp%2BiK7MHDeBH11HmTbHAN6v4Biky8LEEhc9GAiRcvexaWPUpPBsb9oL8f%2Fb7De%2B%2Brz3ayM%2BIjoyer7%2BktqRSdaVQ899U1GXOdW3f5put7Fe%2BKuybj2foVt1sm03nD9xoV7zX3HcE29EzV8z3P93x3QRoR6u7MCIVMDlp%2BpeVV6tWK36ijax6fbebAUge8c0aeheTDJ9bv34NkA8TRj9eE3Uh18vrbUaZoqg06fP%2BDeCPWeYxo0obGQRjvj7eh7ZCQry5Ax%2FtjBdCd3VIBAjkkzh8%2Bgnh%2FTBNBZ%2B%2BcaaAgYgT8KeSdAYQaQNIBmL4FyY8JwDiWVxBHd5a1yenmOUpLdEimHv4LmQ%2FJ1OlziKPv55Xsuje0ylKpY4tuWEB2B5DtAZLsEOmWA5kfgqWfQPLfyczDJcTR7opVGpIXI%2FVSDiDDAZTogVoHWflJB1noIEscRPzEpY1W6HnNMAhrtbk6Y6xWY6wxN8sbvFafCz1krKTXQ5r0wFQPzGwjMdvYkF8cNy7DZL%2FArhew3IFNh8R5fxsdXiAXBLklyClBLgnylCDvFHtc2aot7nBls8Af1%2Bq41oq%2BTts7dE%2BnbRETUNPbSc7IMyN7%2Frk0hQ1x4lYDylqzvD7L5miVNv2QUUq9eqteC73mLA9hZQFpL4wUb5W3%2BvMBkrLyUwT0EFYdgkkHNPNB836z6oGu9%2BtzHrbiH8LMSh1HuiOFraQaXBdI0imkm86OOiPPj6i8fPEvCHZ09e4LB5f8Vx6AmQKJKfCR%2FJWgrW73r%2Buc7F7XuSX3VpJURnKLlle8kdJUXLz7rtjMteGL12zv2zdZCZTtwU1h0yUacxm3LfluXnIuzII2TJCfFu2aCFYzuz6fmThLllbfWliMEiNsSXYAKo9XHoHJIZn6%2BOfR%2B3z6t08hzQAmKxBlR2QckPoQLNmGTSbsrSYwarITJNPIs6JvqsHkp5IESkxmGhSw%2F5uDSb9jb6NtpkHTW4ijAh1ToKMKUNWDzZ7sp4k5unr%2F6zK%2BQaCm%2B4Ey07uBMurLIXEvfz4kL%2BKl0uTTMp2V6e9zz608cUUj9ELhVUUQtoKwST3eCuutgLZ80Qwa1EdqhyL%2B8NF%2FAAAA%2F%2F8BAAD%2F%2F8dKa1WQBAAA HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d39f61e53682075dfee66c1a8748a585
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjjGIgqCI4EUbYUFRJt3zIzPjHsS4RoIxibsrOXmorqqelKnuaqr6xySn4ILswcN4EfXUeZNs0F3U%2FQMEmXhZFoTMRQMmXrx4Fpb1Jj07MFrQ7%2FtevT6893316UF2QXxk9Gzzfb0nlaKLrZrnvrIlY64L665fd32v5l12t2S81Lzs9isw%2BRu%2B16p5r7rvCrajF%2Bue73m%2B57sr0ohQ9xcnKmRyp%2BvXul6tWa%2F5rSb65v%2FcZg4sdcDzC%2FIsJB8%2Fvn3vLiQbIY5%2BuCLsTqqT19%2BJMkVTbZDz4w%2FjnVgXMaJZGxoHYXw8%2FRvajgn5cg46Pp4mgM4PqwQI5Jg4v%2FoI4uOpTQT50SOngYKIEfCnUOQjCDWCpCMwfQOSnxKAcaxvII5urWtT0N1HKq3UMZl%2F8DdkMSbz588hjr5bVrLvXtMqS6WOLfphCdkfQfZGSLITpHsOZHECln4CyX8hiw%2FWEEeHG1ZpSF5O0ks5ggxHUGIAah1k1ScdZKGDLHEQ8TOXtrqh57XDIGw0Ok3GWKPBWKuzxFu80eyEHjJW2RsgTQZgagBm9pGYfezIz09bl2Cyn2C3S1juwKZj4nywj5yXKARBYQkKSlBIgiIlKPLyiCtbt%2BUtrmwW%2BNNan9ZGOdRp74Ae6bQnYgJqBgfJBXlmMp4%2Fn5jHjjhz6wFl3SXeXGIdWqdtP2SUUq%2FZbTZCr73EQ1hZQtq5SeK9ale%2F%2FYWkqvwcAT2BVSdg0gHNfNBi2K57oNvDZsfDXvx9mFmp40jnUthaqsF1iSSdR7rrHKgL8sLEyot4CYLdJ9MDZkokpsTH8meCnro5vKoLcnhVF5bc3UhSGck9Wm3xWkpTsfDte2K30IavXrGDb95ilVC1d64Lm67RmMu4Z8ntZcm5MCvaMEF%2BXLVbItjM7PZyZuIsWdt8e2U1SoywldkRqDzdeAgmx2T%2B%2BX8m7%2FPp269BmhFMViLKZk6lPgFL9mGT2Z3VBEbNeJDMocjKoakHs0slCZSYcRqUsP%2Fhwaw%2FsDfRMwug6Q3EUYnclMhVCaoGsNmTwzQx99%2B891V1vkagFoaBMguHgTLqizFxL302me%2BYvPzYeQUXFfxRwe%2Bw8sxt%2BU3RCTptxnkgGPfb9Uan4Xl1zpvtrvC7SO1YxB89%2FBcAAP%2F%2FAQAA%2F%2F%2Fb9dWHkAQAAA%3D%3D
173.233.137.36 7 B URL manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjjGIgqCI4EUbYUFRJt3zIzPjHsS4RoIxibsrOXmorqqelKnuaqr6xySn4ILswcN4EfXUeZNs0F3U%2FQMEmXhZFoTMRQMmXrx4Fpb1Jj07MFrQ7%2FtevT6893316UF2QXxk9Gzzfb0nlaKLrZrnvrIlY64L665fd32v5l12t2S81Lzs9isw%2BRu%2B16p5r7rvCrajF%2Bue73m%2B57sr0ohQ9xcnKmRyp%2BvXul6tWa%2F5rSb65v%2FcZg4sdcDzC%2FIsJB8%2Fvn3vLiQbIY5%2BuCLsTqqT19%2BJMkVTbZDz4w%2FjnVgXMaJZGxoHYXw8%2FRvajgn5cg46Pp4mgM4PqwQI5Jg4v%2FoI4uOpTQT50SOngYKIEfCnUOQjCDWCpCMwfQOSnxKAcaxvII5urWtT0N1HKq3UMZl%2F8DdkMSbz588hjr5bVrLvXtMqS6WOLfphCdkfQfZGSLITpHsOZHECln4CyX8hiw%2FWEEeHG1ZpSF5O0ks5ggxHUGIAah1k1ScdZKGDLHEQ8TOXtrqh57XDIGw0Ok3GWKPBWKuzxFu80eyEHjJW2RsgTQZgagBm9pGYfezIz09bl2Cyn2C3S1juwKZj4nywj5yXKARBYQkKSlBIgiIlKPLyiCtbt%2BUtrmwW%2BNNan9ZGOdRp74Ae6bQnYgJqBgfJBXlmMp4%2Fn5jHjjhz6wFl3SXeXGIdWqdtP2SUUq%2FZbTZCr73EQ1hZQtq5SeK9ale%2F%2FYWkqvwcAT2BVSdg0gHNfNBi2K57oNvDZsfDXvx9mFmp40jnUthaqsF1iSSdR7rrHKgL8sLEyot4CYLdJ9MDZkokpsTH8meCnro5vKoLcnhVF5bc3UhSGck9Wm3xWkpTsfDte2K30IavXrGDb95ilVC1d64Lm67RmMu4Z8ntZcm5MCvaMEF%2BXLVbItjM7PZyZuIsWdt8e2U1SoywldkRqDzdeAgmx2T%2B%2BX8m7%2FPp269BmhFMViLKZk6lPgFL9mGT2Z3VBEbNeJDMocjKoakHs0slCZSYcRqUsP%2Fhwaw%2FsDfRMwug6Q3EUYnclMhVCaoGsNmTwzQx99%2B891V1vkagFoaBMguHgTLqizFxL302me%2BYvPzYeQUXFfxRwe%2Bw8sxt%2BU3RCTptxnkgGPfb9Uan4Xl1zpvtrvC7SO1YxB89%2FBcAAP%2F%2FAQAA%2F%2F%2Fb9dWHkAQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjjGIgqCI4EUbYUFRJt3zIzPjHsS4RoIxibsrOXmorqqelKnuaqr6xySn4ILswcN4EfXUeZNs0F3U%2FQMEmXhZFoTMRQMmXrx4Fpb1Jj07MFrQ7%2FtevT6893316UF2QXxk9Gzzfb0nlaKLrZrnvrIlY64L665fd32v5l12t2S81Lzs9isw%2BRu%2B16p5r7rvCrajF%2Bue73m%2B57sr0ohQ9xcnKmRyp%2BvXul6tWa%2F5rSb65v%2FcZg4sdcDzC%2FIsJB8%2Fvn3vLiQbIY5%2BuCLsTqqT19%2BJMkVTbZDz4w%2FjnVgXMaJZGxoHYXw8%2FRvajgn5cg46Pp4mgM4PqwQI5Jg4v%2FoI4uOpTQT50SOngYKIEfCnUOQjCDWCpCMwfQOSnxKAcaxvII5urWtT0N1HKq3UMZl%2F8DdkMSbz588hjr5bVrLvXtMqS6WOLfphCdkfQfZGSLITpHsOZHECln4CyX8hiw%2FWEEeHG1ZpSF5O0ks5ggxHUGIAah1k1ScdZKGDLHEQ8TOXtrqh57XDIGw0Ok3GWKPBWKuzxFu80eyEHjJW2RsgTQZgagBm9pGYfezIz09bl2Cyn2C3S1juwKZj4nywj5yXKARBYQkKSlBIgiIlKPLyiCtbt%2BUtrmwW%2BNNan9ZGOdRp74Ae6bQnYgJqBgfJBXlmMp4%2Fn5jHjjhz6wFl3SXeXGIdWqdtP2SUUq%2FZbTZCr73EQ1hZQtq5SeK9ale%2F%2FYWkqvwcAT2BVSdg0gHNfNBi2K57oNvDZsfDXvx9mFmp40jnUthaqsF1iSSdR7rrHKgL8sLEyot4CYLdJ9MDZkokpsTH8meCnro5vKoLcnhVF5bc3UhSGck9Wm3xWkpTsfDte2K30IavXrGDb95ilVC1d64Lm67RmMu4Z8ntZcm5MCvaMEF%2BXLVbItjM7PZyZuIsWdt8e2U1SoywldkRqDzdeAgmx2T%2B%2BX8m7%2FPp269BmhFMViLKZk6lPgFL9mGT2Z3VBEbNeJDMocjKoakHs0slCZSYcRqUsP%2Fhwaw%2FsDfRMwug6Q3EUYnclMhVCaoGsNmTwzQx99%2B891V1vkagFoaBMguHgTLqizFxL302me%2BYvPzYeQUXFfxRwe%2Bw8sxt%2BU3RCTptxnkgGPfb9Uan4Xl1zpvtrvC7SO1YxB89%2FBcAAP%2F%2FAQAA%2F%2F%2Fb9dWHkAQAAA%3D%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 777aae93150cab90ea8eca80689dbdc6
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXmMQBUERwYs2woKiTLrnRybjHsR1jQRjEndXcvJQXVU9KVNd1VR1T09yCi7IHjyMF1FPnTfJBt1F3T9AkImXZUHIXDRg4sWLZ2FZb9KzA6MF%2Fb7v1evDe99Xn%2B7n5yRETk833je7Uim60KoF%2FiubUnNTOH%2Ftuh8GteCSvyn1YvOS36%2FA9t4Ig1YteNV%2FV7Bts1APwiAIg9BfllbEpr8wUSHTO52w1glqzXotbDXRt%2F%2FnLvfgqAfeOyfPQvLx41v37kKyEXTywxXhtjOTvv5OkiuaGYseP%2FpQb2tTaCSzNrYeYn00%2FRvGjQn58gKMPpomgOkdVAkQyTHxfg0R6aOpTUS9w0dOIwWhEfGnUPRGEGoESUdg5gYkPyEA41hbh05urRlb0J1HKq3UMZl78DdkMSZzZ89BJ99dVrLvXzMqz6TRDv24hOyPILsjpPkxsl0PsjgGyz6B5L%2BQhQer0MnBulMGkpeT9FKOIOMRlBiAOg959UkPeewhTz0k%2FNSnrU4cBO04ihuNpSZjrNFgrLW0yFu80VyKA%2BSssjdAlg7A1ADM7iG1e9iWn5%2B0LsLmP8FtlXDcg8vGxPtgDz1eohAEhSMoKEEhCYqMoOiVh1y5uitvceXyKJzW%2BrQ2yqHJuvv00GRdoQmoHeyn5%2BSZyXj%2BfGIO2%2BLUr0eUdRZ5c5Et0TpthzGjlAbNTrMRB%2B1FHsPJEtJdmCTerXb1219Iq8rPENFjOHUMJj3QPAQthu16ALo1bC4F2NXfx7mTRiemJ4WrZQbclEizOWQ73r46Jy9MrLyIlyDYfTI9YLZEakt8LH8m6Kqbw6umIAdXTeHI3fU0k4ncpdUWr2U0E%2FPfvid2CmP5yhU3%2BOYtVglVe%2Be6cNkq1VzqriO3L0vOhV02lgny44rbFNFG7rYu51bn6erG28srSWqFq8yOQOXJ%2BkMwOSZzz%2F8zeZ9P334N0o5g8xJJPnMqzTFYugeXzu6cIbBqxqP0Aoq8HNp6NLtUkkCJGadRCfcfHs36fXcTXTsPmt2ATkr0bImeKkHVAC5%2Fcpil9v6b976qzteI1PwwUnb%2BIFJWfTEm%2FsXPJvMdk5cfO6vgvII%2FKvgdTp76ohUHsQjqIoo7UdymAe%2FEzU5EO6FoRy0aInNjoT96%2BC8AAAD%2F%2FwEAAP%2F%2Fz%2F1bYZAEAAA%3D
173.233.137.36 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXmMQBUERwYs2woKiTLrnRybjHsR1jQRjEndXcvJQXVU9KVNd1VR1T09yCi7IHjyMF1FPnTfJBt1F3T9AkImXZUHIXDRg4sWLZ2FZb9KzA6MF%2Fb7v1evDe99Xn%2B7n5yRETk833je7Uim60KoF%2FiubUnNTOH%2Ftuh8GteCSvyn1YvOS36%2FA9t4Ig1YteNV%2FV7Bts1APwiAIg9BfllbEpr8wUSHTO52w1glqzXotbDXRt%2F%2FnLvfgqAfeOyfPQvLx41v37kKyEXTywxXhtjOTvv5OkiuaGYseP%2FpQb2tTaCSzNrYeYn00%2FRvGjQn58gKMPpomgOkdVAkQyTHxfg0R6aOpTUS9w0dOIwWhEfGnUPRGEGoESUdg5gYkPyEA41hbh05urRlb0J1HKq3UMZl78DdkMSZzZ89BJ99dVrLvXzMqz6TRDv24hOyPILsjpPkxsl0PsjgGyz6B5L%2BQhQer0MnBulMGkpeT9FKOIOMRlBiAOg959UkPeewhTz0k%2FNSnrU4cBO04ihuNpSZjrNFgrLW0yFu80VyKA%2BSssjdAlg7A1ADM7iG1e9iWn5%2B0LsLmP8FtlXDcg8vGxPtgDz1eohAEhSMoKEEhCYqMoOiVh1y5uitvceXyKJzW%2BrQ2yqHJuvv00GRdoQmoHeyn5%2BSZyXj%2BfGIO2%2BLUr0eUdRZ5c5Et0TpthzGjlAbNTrMRB%2B1FHsPJEtJdmCTerXb1219Iq8rPENFjOHUMJj3QPAQthu16ALo1bC4F2NXfx7mTRiemJ4WrZQbclEizOWQ73r46Jy9MrLyIlyDYfTI9YLZEakt8LH8m6Kqbw6umIAdXTeHI3fU0k4ncpdUWr2U0E%2FPfvid2CmP5yhU3%2BOYtVglVe%2Be6cNkq1VzqriO3L0vOhV02lgny44rbFNFG7rYu51bn6erG28srSWqFq8yOQOXJ%2BkMwOSZzz%2F8zeZ9P334N0o5g8xJJPnMqzTFYugeXzu6cIbBqxqP0Aoq8HNp6NLtUkkCJGadRCfcfHs36fXcTXTsPmt2ATkr0bImeKkHVAC5%2Fcpil9v6b976qzteI1PwwUnb%2BIFJWfTEm%2FsXPJvMdk5cfO6vgvII%2FKvgdTp76ohUHsQjqIoo7UdymAe%2FEzU5EO6FoRy0aInNjoT96%2BC8AAAD%2F%2FwEAAP%2F%2Fz%2F1bYZAEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXmMQBUERwYs2woKiTLrnRybjHsR1jQRjEndXcvJQXVU9KVNd1VR1T09yCi7IHjyMF1FPnTfJBt1F3T9AkImXZUHIXDRg4sWLZ2FZb9KzA6MF%2Fb7v1evDe99Xn%2B7n5yRETk833je7Uim60KoF%2FiubUnNTOH%2Ftuh8GteCSvyn1YvOS36%2FA9t4Ig1YteNV%2FV7Bts1APwiAIg9BfllbEpr8wUSHTO52w1glqzXotbDXRt%2F%2FnLvfgqAfeOyfPQvLx41v37kKyEXTywxXhtjOTvv5OkiuaGYseP%2FpQb2tTaCSzNrYeYn00%2FRvGjQn58gKMPpomgOkdVAkQyTHxfg0R6aOpTUS9w0dOIwWhEfGnUPRGEGoESUdg5gYkPyEA41hbh05urRlb0J1HKq3UMZl78DdkMSZzZ89BJ99dVrLvXzMqz6TRDv24hOyPILsjpPkxsl0PsjgGyz6B5L%2BQhQer0MnBulMGkpeT9FKOIOMRlBiAOg959UkPeewhTz0k%2FNSnrU4cBO04ihuNpSZjrNFgrLW0yFu80VyKA%2BSssjdAlg7A1ADM7iG1e9iWn5%2B0LsLmP8FtlXDcg8vGxPtgDz1eohAEhSMoKEEhCYqMoOiVh1y5uitvceXyKJzW%2BrQ2yqHJuvv00GRdoQmoHeyn5%2BSZyXj%2BfGIO2%2BLUr0eUdRZ5c5Et0TpthzGjlAbNTrMRB%2B1FHsPJEtJdmCTerXb1219Iq8rPENFjOHUMJj3QPAQthu16ALo1bC4F2NXfx7mTRiemJ4WrZQbclEizOWQ73r46Jy9MrLyIlyDYfTI9YLZEakt8LH8m6Kqbw6umIAdXTeHI3fU0k4ncpdUWr2U0E%2FPfvid2CmP5yhU3%2BOYtVglVe%2Be6cNkq1VzqriO3L0vOhV02lgny44rbFNFG7rYu51bn6erG28srSWqFq8yOQOXJ%2BkMwOSZzz%2F8zeZ9P334N0o5g8xJJPnMqzTFYugeXzu6cIbBqxqP0Aoq8HNp6NLtUkkCJGadRCfcfHs36fXcTXTsPmt2ATkr0bImeKkHVAC5%2Fcpil9v6b976qzteI1PwwUnb%2BIFJWfTEm%2FsXPJvMdk5cfO6vgvII%2FKvgdTp76ohUHsQjqIoo7UdymAe%2FEzU5EO6FoRy0aInNjoT96%2BC8AAAD%2F%2FwEAAP%2F%2Fz%2F1bYZAEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2b613d6a5be165d8439efeed9c240d3
Strict-Transport-Security: max-age=0; includeSubdomains
www4.fusionmovies.to/site/captcha?v=656e5df8bc8fb
104.21.69.70 2.2 kB URL www4.fusionmovies.to/site/captcha?v=656e5df8bc8fb
IP 104.21.69.70:0
File type PNG image data, 120 x 50, 8-bit colormap, non-interlaced\012- data
Hash c0649ec4386909c6141cabfc7f1ba971
c902c947bef74a7398026ec598cafa40626c0e08
88c75ca415eef350e930be6e9cb0aad6b0ddab348d5a37745951aa311277c87d
GET /site/captcha?v=656e5df8bc8fb HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip/LvBrqZlE
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f5b6b975-8318-4b40-8d29-1f8954290460%3A3%3A1; pp_main_b005c98326c3554c8acdc4604221173c=1; sb_main_82fe0b644d03b2da47a79435101845c5=1; sb_count_82fe0b644d03b2da47a79435101845c5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:12 GMT
content-type: image/png
pragma: public
expires: 0
cache-control: must-revalidate, post-check=0, pre-check=0
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jV8pc7OHgG5lajebR6ahkTNb1u0yZ66eS9PvjMjhpQd9SWpJHnzL0aJGdhGSTLF%2BF3Za%2FG9M4faBqd3TPfx%2FiGTwO14IzTcBT77pBfvduPW8ORCaP8gYONFD5TVjllcw48CoiDFyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307c2f3589856a8-OSL
alt-svc: h3=":443"; ma=86400
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuvBDNxRuUwRhLwg71OW9sN0LaM8TncCnHlI7EfF7f%2F8DAAD%2F%2FwEAAP%2F%2FE4ofLIYEAAA%3D
173.233.137.60 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuvBDNxRuUwRhLwg71OW9sN0LaM8TncCnHlI7EfF7f%2F8DAAD%2F%2FwEAAP%2F%2FE4ofLIYEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuvBDNxRuUwRhLwg71OW9sN0LaM8TncCnHlI7EfF7f%2F8DAAD%2F%2FwEAAP%2F%2FE4ofLIYEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a515011b497d9b2feb17165d28654f9
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTZwoggYQDRKCFVIQSOi8ez98PlJEhBBkYWyTBLmimJ2ZPQ%2Be3VnN7I%2BzK0MkSEFxNAio1u%2FsWAQLyB8AQmeayALJ14AlbBqa1EhRSrSXkw4%2Bab8f%2B77ivffNJ9vZKfGR0eOVd%2FWmVIrOtmqe%2B8qqjLkurLt00%2FW9mnfJXZXxXPOS26uSyV%2F3vVbNe9V9W7B1PVv3fM%2FzPd%2B9Jo0IdW92jEIm%2Bx2%2F1vFqzXrNbzXRM%2F%2BfbebAUgc8PyXPQPLRubX79yDZEHH0w1Vh11OdvPZWlCmaaoOc770fr8e6iBFN29A4COO9yTa0HRHy5RnoeG%2BiADrfqRQgkCPi%2FO4jiPcmNBHku4%2BZBgoiRsCfRJEPIdQQkg7B9C1IfkQAxrG0jDi6s6RNQTceo7RCR2Tm4T%2BQxYjMnDyLOPruipI994ZWWSp1bNELS8jeELI7RJIdIN10IIsDsPRjSP4bmX24iDjaWbZKQ%2FJyrF7KIWQ4hBJ9UOsgqz7pIAsdZImDiB%2B7tNUJPa8dBmGjMd9kjDUajLXm53iLN5rzoYeMVfT6SJM%2BmOqDmS0kZgvr8vOj1kWY7GfYtRKWO7DpiDjvbSHnJQpBUFiCghIUkqBICYq83OXK1m15hyubBf6k1ie1UQ502t2muzrtipiAmv52ckqeHtvz94UZrItjtx5Q1pnjzTk2T%2Bu07YeMUuo1O81G6LXneAgrS0h7Zqx4s7rVHw%2BQVJWfIKAHsOoATDqgmQ9aDNp1D3Rt0Jz3sBl%2FH2ZW6jjSuRS2lmpwXSJJZ5BuONvqlDw3pvLS2b8g2OHlu8%2FvX%2FBffgBmSiSmxIfyF4Kuuj24rguyc10XltxbTlIZyU1aXfFGSlNx9u47YqPQhi9ctf1v3mAVULX7N4VNF2nMZdy15NsrknNhrmnDBPlxwa6KYCWza1cyE2fJ4sqb1xaixAhbkR2CyqPlR2ByRGY%2B%2Bmn8Pp%2F69VNIM4TJSkTZIZkEpD4AS7Zgkyl7qwmMmu4EyTkUWTkw9WD6U0kCJaYzDUrY%2F8zBtN%2B2t9E150HTW4ijErkpkasSVPVhsycGaWIOL9%2F%2FqoqvEajzg0CZ8zuBMuqLEXEvfjYiL%2BDFyuSTKp2O7a7Sn7Dy2BWt0AuFVxdB2AnCNvV4J2x2AtrxRTtoUR%2BpHYn4g0f%2FAgAA%2F%2F8BAAD%2F%2F5HZOiWQBAAA
173.233.137.36 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTZwoggYQDRKCFVIQSOi8ez98PlJEhBBkYWyTBLmimJ2ZPQ%2Be3VnN7I%2BzK0MkSEFxNAio1u%2FsWAQLyB8AQmeayALJ14AlbBqa1EhRSrSXkw4%2Bab8f%2B77ivffNJ9vZKfGR0eOVd%2FWmVIrOtmqe%2B8qqjLkurLt00%2FW9mnfJXZXxXPOS26uSyV%2F3vVbNe9V9W7B1PVv3fM%2FzPd%2B9Jo0IdW92jEIm%2Bx2%2F1vFqzXrNbzXRM%2F%2BfbebAUgc8PyXPQPLRubX79yDZEHH0w1Vh11OdvPZWlCmaaoOc770fr8e6iBFN29A4COO9yTa0HRHy5RnoeG%2BiADrfqRQgkCPi%2FO4jiPcmNBHku4%2BZBgoiRsCfRJEPIdQQkg7B9C1IfkQAxrG0jDi6s6RNQTceo7RCR2Tm4T%2BQxYjMnDyLOPruipI994ZWWSp1bNELS8jeELI7RJIdIN10IIsDsPRjSP4bmX24iDjaWbZKQ%2FJyrF7KIWQ4hBJ9UOsgqz7pIAsdZImDiB%2B7tNUJPa8dBmGjMd9kjDUajLXm53iLN5rzoYeMVfT6SJM%2BmOqDmS0kZgvr8vOj1kWY7GfYtRKWO7DpiDjvbSHnJQpBUFiCghIUkqBICYq83OXK1m15hyubBf6k1ie1UQ502t2muzrtipiAmv52ckqeHtvz94UZrItjtx5Q1pnjzTk2T%2Bu07YeMUuo1O81G6LXneAgrS0h7Zqx4s7rVHw%2BQVJWfIKAHsOoATDqgmQ9aDNp1D3Rt0Jz3sBl%2FH2ZW6jjSuRS2lmpwXSJJZ5BuONvqlDw3pvLS2b8g2OHlu8%2FvX%2FBffgBmSiSmxIfyF4Kuuj24rguyc10XltxbTlIZyU1aXfFGSlNx9u47YqPQhi9ctf1v3mAVULX7N4VNF2nMZdy15NsrknNhrmnDBPlxwa6KYCWza1cyE2fJ4sqb1xaixAhbkR2CyqPlR2ByRGY%2B%2Bmn8Pp%2F69VNIM4TJSkTZIZkEpD4AS7Zgkyl7qwmMmu4EyTkUWTkw9WD6U0kCJaYzDUrY%2F8zBtN%2B2t9E150HTW4ijErkpkasSVPVhsycGaWIOL9%2F%2FqoqvEajzg0CZ8zuBMuqLEXEvfjYiL%2BDFyuSTKp2O7a7Sn7Dy2BWt0AuFVxdB2AnCNvV4J2x2AtrxRTtoUR%2BpHYn4g0f%2FAgAA%2F%2F8BAAD%2F%2F5HZOiWQBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTZwoggYQDRKCFVIQSOi8ez98PlJEhBBkYWyTBLmimJ2ZPQ%2Be3VnN7I%2BzK0MkSEFxNAio1u%2FsWAQLyB8AQmeayALJ14AlbBqa1EhRSrSXkw4%2Bab8f%2B77ivffNJ9vZKfGR0eOVd%2FWmVIrOtmqe%2B8qqjLkurLt00%2FW9mnfJXZXxXPOS26uSyV%2F3vVbNe9V9W7B1PVv3fM%2FzPd%2B9Jo0IdW92jEIm%2Bx2%2F1vFqzXrNbzXRM%2F%2BfbebAUgc8PyXPQPLRubX79yDZEHH0w1Vh11OdvPZWlCmaaoOc770fr8e6iBFN29A4COO9yTa0HRHy5RnoeG%2BiADrfqRQgkCPi%2FO4jiPcmNBHku4%2BZBgoiRsCfRJEPIdQQkg7B9C1IfkQAxrG0jDi6s6RNQTceo7RCR2Tm4T%2BQxYjMnDyLOPruipI994ZWWSp1bNELS8jeELI7RJIdIN10IIsDsPRjSP4bmX24iDjaWbZKQ%2FJyrF7KIWQ4hBJ9UOsgqz7pIAsdZImDiB%2B7tNUJPa8dBmGjMd9kjDUajLXm53iLN5rzoYeMVfT6SJM%2BmOqDmS0kZgvr8vOj1kWY7GfYtRKWO7DpiDjvbSHnJQpBUFiCghIUkqBICYq83OXK1m15hyubBf6k1ie1UQ502t2muzrtipiAmv52ckqeHtvz94UZrItjtx5Q1pnjzTk2T%2Bu07YeMUuo1O81G6LXneAgrS0h7Zqx4s7rVHw%2BQVJWfIKAHsOoATDqgmQ9aDNp1D3Rt0Jz3sBl%2FH2ZW6jjSuRS2lmpwXSJJZ5BuONvqlDw3pvLS2b8g2OHlu8%2FvX%2FBffgBmSiSmxIfyF4Kuuj24rguyc10XltxbTlIZyU1aXfFGSlNx9u47YqPQhi9ctf1v3mAVULX7N4VNF2nMZdy15NsrknNhrmnDBPlxwa6KYCWza1cyE2fJ4sqb1xaixAhbkR2CyqPlR2ByRGY%2B%2Bmn8Pp%2F69VNIM4TJSkTZIZkEpD4AS7Zgkyl7qwmMmu4EyTkUWTkw9WD6U0kCJaYzDUrY%2F8zBtN%2B2t9E150HTW4ijErkpkasSVPVhsycGaWIOL9%2F%2FqoqvEajzg0CZ8zuBMuqLEXEvfjYiL%2BDFyuSTKp2O7a7Sn7Dy2BWt0AuFVxdB2AnCNvV4J2x2AtrxRTtoUR%2BpHYn4g0f%2FAgAA%2F%2F8BAAD%2F%2F5HZOiWQBAAA HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1f8ed3d5686fe558dadad9fd02e290a
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1fWH5eVLwIoo2woiCT7vnIZNzDYlwjwZjE3ZWcPFRXVU%2FKVHc1Vd3Tk5yiC8sePIwXUU%2BdZ5INrkHdP0CRiZclKGQuGjDx4mXPwrJH6dmB0Rf6%2FejnPTzP89bt3eyc%2BMjo6dp7elsqRWebVc99dV3GXOfWXbnp%2Bl7Vu%2BKuy3iuccXtlcl03%2FC9ZtV7zX1HsE09W%2FN8z%2FM9312URoS6NztGIZPDtl9te9VGreo3G%2BiZ%2F842c2CpA949J89C8tH%2FNh7ch2RDxNH314TdTHXy%2BttRpmiqDbr84IN4M9Z5jGjahsZBGB9MtqHtiJAvLkDHBxMF0N29UgECOSLObz6C%2BGBCE0F3%2FwnTQEHECPhTyLtDCDWEpEMwfQuSnxCAcaysIo7urmiT060nKC3REak8%2BhsyH5HK2XOIo28XlOy5N7TKUqlji15YQPaGkJ0hkuwI6bYDmR%2BBpZ9A8l%2FJ7KNlxNHeqlUakhdj9VIOIcMhlOiDWgdZ%2BUkHWeggSxxE%2FNSlzXboea0wCOv1%2BQZjrF5nrDk%2Fx5u83pgPPWSspNdHmvTBVB%2FM7CAxO9iUn500L8NkP8FuFLDcgU1HxHl%2FB11eIBcEuSXIKUEuCfKUIO8W%2B1zZmi3ucmWzwJ%2FU2qTWi4FOO7t0X6cdERNQ099NzskzY3v%2BulTBpjh1awFl7TnemGPztEZbfsgopV6j3aiHXmuOh7CygLQXxoq3y1v9%2FhBJWfkZAnoEq47ApAOa%2BaD5oFXzQDcGjXkP2%2FF3YWaljiPdlcJWUw2uCyRpBemWs6vOyfNjKi9fPIdgx1fvvXB4yX%2FlIZgpkJgCH8mfCTrqzuC6zsnedZ1bcn81SWUkt2l5xRspTcXFe%2B%2BKrVwbvnTN9r9%2Bk5VA2R7eFDZdpjGXcceSbxYk58IsasME%2BWHJrotgLbMbC5mJs2R57a3FpSgxwpZkh6DyZPUxmByRysc%2Fjt%2Fn07%2FchjRDmKxAlB2TSUDqI7BkBzaZsreawKjpTpBUkGfFwNSC6U8lCZSYzjQoYP81B9N%2B195Bx8yAprcQRwW6pkBXFaCqD5v9f5Am5vjqgy%2FL%2BAqBmhkEyszsBcqoz0fEvfzpiLyIl0qTz8ZOl%2BnPMv0BK09d0Qy9UHg1EYTtIGxRj7fDRjugbV%2B0gib1kdqRiD98%2FA8AAAD%2F%2FwEAAP%2F%2Fo6j1CpAEAAA%3D
173.233.137.36 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1fWH5eVLwIoo2woiCT7vnIZNzDYlwjwZjE3ZWcPFRXVU%2FKVHc1Vd3Tk5yiC8sePIwXUU%2BdZ5INrkHdP0CRiZclKGQuGjDx4mXPwrJH6dmB0Rf6%2FejnPTzP89bt3eyc%2BMjo6dp7elsqRWebVc99dV3GXOfWXbnp%2Bl7Vu%2BKuy3iuccXtlcl03%2FC9ZtV7zX1HsE09W%2FN8z%2FM9312URoS6NztGIZPDtl9te9VGreo3G%2BiZ%2F842c2CpA949J89C8tH%2FNh7ch2RDxNH314TdTHXy%2BttRpmiqDbr84IN4M9Z5jGjahsZBGB9MtqHtiJAvLkDHBxMF0N29UgECOSLObz6C%2BGBCE0F3%2FwnTQEHECPhTyLtDCDWEpEMwfQuSnxCAcaysIo7urmiT060nKC3REak8%2BhsyH5HK2XOIo28XlOy5N7TKUqlji15YQPaGkJ0hkuwI6bYDmR%2BBpZ9A8l%2FJ7KNlxNHeqlUakhdj9VIOIcMhlOiDWgdZ%2BUkHWeggSxxE%2FNSlzXboea0wCOv1%2BQZjrF5nrDk%2Fx5u83pgPPWSspNdHmvTBVB%2FM7CAxO9iUn500L8NkP8FuFLDcgU1HxHl%2FB11eIBcEuSXIKUEuCfKUIO8W%2B1zZmi3ucmWzwJ%2FU2qTWi4FOO7t0X6cdERNQ099NzskzY3v%2BulTBpjh1awFl7TnemGPztEZbfsgopV6j3aiHXmuOh7CygLQXxoq3y1v9%2FhBJWfkZAnoEq47ApAOa%2BaD5oFXzQDcGjXkP2%2FF3YWaljiPdlcJWUw2uCyRpBemWs6vOyfNjKi9fPIdgx1fvvXB4yX%2FlIZgpkJgCH8mfCTrqzuC6zsnedZ1bcn81SWUkt2l5xRspTcXFe%2B%2BKrVwbvnTN9r9%2Bk5VA2R7eFDZdpjGXcceSbxYk58IsasME%2BWHJrotgLbMbC5mJs2R57a3FpSgxwpZkh6DyZPUxmByRysc%2Fjt%2Fn07%2FchjRDmKxAlB2TSUDqI7BkBzaZsreawKjpTpBUkGfFwNSC6U8lCZSYzjQoYP81B9N%2B195Bx8yAprcQRwW6pkBXFaCqD5v9f5Am5vjqgy%2FL%2BAqBmhkEyszsBcqoz0fEvfzpiLyIl0qTz8ZOl%2BnPMv0BK09d0Qy9UHg1EYTtIGxRj7fDRjugbV%2B0gib1kdqRiD98%2FA8AAAD%2F%2FwEAAP%2F%2Fo6j1CpAEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1fWH5eVLwIoo2woiCT7vnIZNzDYlwjwZjE3ZWcPFRXVU%2FKVHc1Vd3Tk5yiC8sePIwXUU%2BdZ5INrkHdP0CRiZclKGQuGjDx4mXPwrJH6dmB0Rf6%2FejnPTzP89bt3eyc%2BMjo6dp7elsqRWebVc99dV3GXOfWXbnp%2Bl7Vu%2BKuy3iuccXtlcl03%2FC9ZtV7zX1HsE09W%2FN8z%2FM9312URoS6NztGIZPDtl9te9VGreo3G%2BiZ%2F842c2CpA949J89C8tH%2FNh7ch2RDxNH314TdTHXy%2BttRpmiqDbr84IN4M9Z5jGjahsZBGB9MtqHtiJAvLkDHBxMF0N29UgECOSLObz6C%2BGBCE0F3%2FwnTQEHECPhTyLtDCDWEpEMwfQuSnxCAcaysIo7urmiT060nKC3REak8%2BhsyH5HK2XOIo28XlOy5N7TKUqlji15YQPaGkJ0hkuwI6bYDmR%2BBpZ9A8l%2FJ7KNlxNHeqlUakhdj9VIOIcMhlOiDWgdZ%2BUkHWeggSxxE%2FNSlzXboea0wCOv1%2BQZjrF5nrDk%2Fx5u83pgPPWSspNdHmvTBVB%2FM7CAxO9iUn500L8NkP8FuFLDcgU1HxHl%2FB11eIBcEuSXIKUEuCfKUIO8W%2B1zZmi3ucmWzwJ%2FU2qTWi4FOO7t0X6cdERNQ099NzskzY3v%2BulTBpjh1awFl7TnemGPztEZbfsgopV6j3aiHXmuOh7CygLQXxoq3y1v9%2FhBJWfkZAnoEq47ApAOa%2BaD5oFXzQDcGjXkP2%2FF3YWaljiPdlcJWUw2uCyRpBemWs6vOyfNjKi9fPIdgx1fvvXB4yX%2FlIZgpkJgCH8mfCTrqzuC6zsnedZ1bcn81SWUkt2l5xRspTcXFe%2B%2BKrVwbvnTN9r9%2Bk5VA2R7eFDZdpjGXcceSbxYk58IsasME%2BWHJrotgLbMbC5mJs2R57a3FpSgxwpZkh6DyZPUxmByRysc%2Fjt%2Fn07%2FchjRDmKxAlB2TSUDqI7BkBzaZsreawKjpTpBUkGfFwNSC6U8lCZSYzjQoYP81B9N%2B195Bx8yAprcQRwW6pkBXFaCqD5v9f5Am5vjqgy%2FL%2BAqBmhkEyszsBcqoz0fEvfzpiLyIl0qTz8ZOl%2BnPMv0BK09d0Qy9UHg1EYTtIGxRj7fDRjugbV%2B0gib1kdqRiD98%2FA8AAAD%2F%2FwEAAP%2F%2Fo6j1CpAEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dae465b2d554ed986a92e0ad6260c2dd
Strict-Transport-Security: max-age=0; includeSubdomains
growledavenuejill.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7pnuzIx7WFzXrMGYhP1DDuKhqqt6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW%2FSk4HRB1Xvfe%2Brw%2Fe9V5%2Fs5afEQ05PNt7TA6kUXQzqbu3Spky4Lmxt7VbNc%2Bvu5dqmTJb8y7V%2BdZneG54b1N3XatdFuK0XG67nup7r1ZalEZHuL05ZyPRBx6t33LrfqHuBj775L7a5A0sd8N4peQGST%2F639eMjyHCMJP76mrDbmU5ffzvOFc20QY8f3k62E10kiOdlZBxEyeHsNbSdEPLZOejkcOYAurdfOQCTE%2BL84oElhzOZYL2DM6VMQSRg%2FP8oemMINYakY4T6DiR%2FTICQY20dSXx%2FTZuC7pyxtGIn5MKzvyCLCbnw5CKS%2BOFVJfu1m1rlmdSJRT8qIftjyO4YaX6EbOBAFkcIs48h%2BU9k8dkqknh%2F3SoNyU9e6XDP46ItFlqtgC74bT9aoGyptdBpLVHqU%2BE2GZ2OSMoxZDSGEkNQ6yCvjnSQRw7y1EHMT2o06ESu24pY1Gy2%2FTAMm80wDNpLPOBNvx25yMPKwxBZOkSohgjNLlKzi21573HwKkz%2BPexWCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKAK9uw5X2ubM68WW7McrMc6ay7Rw901hUJATXDvfSUPD%2Bd3594CdvipNZuRMJlS77P3SZrcOq3aKvjNwPP9dp%2BEAawsoS056ZuB9Uyf%2F0DaZX5EzB6BKuOEEoHNH8ZtBi1Gi7o1shvuxgkX0W5lTqJdU8KW880uC6RZheQ7Th76pS8OJXyzrfvQ4THVz4d%2FHb94cWPEJoSqSnxofyBoKvujm7oguzf0IUlj9bTTMZyQKs138xoJs5%2F8a7YKbThK9fs8PM3w4qoyge3hM1WacJl0rXky6uSc2GWtQkF%2BW7Fbgq2kdutq7lJ8nR1463llTg1wlZix6ByQsjTbxDKCXnuqZ1%2B4Uu3f4c0Y5i8RJwfk1lA6iOE6S5sOu9ZTWDUHLPUQZGXI9Ng86aSBErMMWUl7L8wm9d79i66xgHN7iCJS%2FRMiZ4qQdUQNj8%2FylJzfOXn5jTAlDNiyjj7TBl172y4Vp7URBC5kXAbgkUdFrWoyzuR32G044kWC6iHzE5E8sHf%2FwAAAP%2F%2FAQAA%2F%2F9uvc3SmgQAAA%3D%3D
173.233.139.164 7 B URL growledavenuejill.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7pnuzIx7WFzXrMGYhP1DDuKhqqt6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW%2FSk4HRB1Xvfe%2Brw%2Fe9V5%2Fs5afEQ05PNt7TA6kUXQzqbu3Spky4Lmxt7VbNc%2Bvu5dqmTJb8y7V%2BdZneG54b1N3XatdFuK0XG67nup7r1ZalEZHuL05ZyPRBx6t33LrfqHuBj775L7a5A0sd8N4peQGST%2F639eMjyHCMJP76mrDbmU5ffzvOFc20QY8f3k62E10kiOdlZBxEyeHsNbSdEPLZOejkcOYAurdfOQCTE%2BL84oElhzOZYL2DM6VMQSRg%2FP8oemMINYakY4T6DiR%2FTICQY20dSXx%2FTZuC7pyxtGIn5MKzvyCLCbnw5CKS%2BOFVJfu1m1rlmdSJRT8qIftjyO4YaX6EbOBAFkcIs48h%2BU9k8dkqknh%2F3SoNyU9e6XDP46ItFlqtgC74bT9aoGyptdBpLVHqU%2BE2GZ2OSMoxZDSGEkNQ6yCvjnSQRw7y1EHMT2o06ESu24pY1Gy2%2FTAMm80wDNpLPOBNvx25yMPKwxBZOkSohgjNLlKzi21573HwKkz%2BPexWCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKAK9uw5X2ubM68WW7McrMc6ay7Rw901hUJATXDvfSUPD%2Bd3594CdvipNZuRMJlS77P3SZrcOq3aKvjNwPP9dp%2BEAawsoS056ZuB9Uyf%2F0DaZX5EzB6BKuOEEoHNH8ZtBi1Gi7o1shvuxgkX0W5lTqJdU8KW880uC6RZheQ7Th76pS8OJXyzrfvQ4THVz4d%2FHb94cWPEJoSqSnxofyBoKvujm7oguzf0IUlj9bTTMZyQKs138xoJs5%2F8a7YKbThK9fs8PM3w4qoyge3hM1WacJl0rXky6uSc2GWtQkF%2BW7Fbgq2kdutq7lJ8nR1463llTg1wlZix6ByQsjTbxDKCXnuqZ1%2B4Uu3f4c0Y5i8RJwfk1lA6iOE6S5sOu9ZTWDUHLPUQZGXI9Ng86aSBErMMWUl7L8wm9d79i66xgHN7iCJS%2FRMiZ4qQdUQNj8%2FylJzfOXn5jTAlDNiyjj7TBl172y4Vp7URBC5kXAbgkUdFrWoyzuR32G044kWC6iHzE5E8sHf%2FwAAAP%2F%2FAQAA%2F%2F9uvc3SmgQAAA%3D%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7pnuzIx7WFzXrMGYhP1DDuKhqqt6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW%2FSk4HRB1Xvfe%2Brw%2Fe9V5%2Fs5afEQ05PNt7TA6kUXQzqbu3Spky4Lmxt7VbNc%2Bvu5dqmTJb8y7V%2BdZneG54b1N3XatdFuK0XG67nup7r1ZalEZHuL05ZyPRBx6t33LrfqHuBj775L7a5A0sd8N4peQGST%2F639eMjyHCMJP76mrDbmU5ffzvOFc20QY8f3k62E10kiOdlZBxEyeHsNbSdEPLZOejkcOYAurdfOQCTE%2BL84oElhzOZYL2DM6VMQSRg%2FP8oemMINYakY4T6DiR%2FTICQY20dSXx%2FTZuC7pyxtGIn5MKzvyCLCbnw5CKS%2BOFVJfu1m1rlmdSJRT8qIftjyO4YaX6EbOBAFkcIs48h%2BU9k8dkqknh%2F3SoNyU9e6XDP46ItFlqtgC74bT9aoGyptdBpLVHqU%2BE2GZ2OSMoxZDSGEkNQ6yCvjnSQRw7y1EHMT2o06ESu24pY1Gy2%2FTAMm80wDNpLPOBNvx25yMPKwxBZOkSohgjNLlKzi21573HwKkz%2BPexWCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKAK9uw5X2ubM68WW7McrMc6ay7Rw901hUJATXDvfSUPD%2Bd3594CdvipNZuRMJlS77P3SZrcOq3aKvjNwPP9dp%2BEAawsoS056ZuB9Uyf%2F0DaZX5EzB6BKuOEEoHNH8ZtBi1Gi7o1shvuxgkX0W5lTqJdU8KW880uC6RZheQ7Th76pS8OJXyzrfvQ4THVz4d%2FHb94cWPEJoSqSnxofyBoKvujm7oguzf0IUlj9bTTMZyQKs138xoJs5%2F8a7YKbThK9fs8PM3w4qoyge3hM1WacJl0rXky6uSc2GWtQkF%2BW7Fbgq2kdutq7lJ8nR1463llTg1wlZix6ByQsjTbxDKCXnuqZ1%2B4Uu3f4c0Y5i8RJwfk1lA6iOE6S5sOu9ZTWDUHLPUQZGXI9Ng86aSBErMMWUl7L8wm9d79i66xgHN7iCJS%2FRMiZ4qQdUQNj8%2FylJzfOXn5jTAlDNiyjj7TBl172y4Vp7URBC5kXAbgkUdFrWoyzuR32G044kWC6iHzE5E8sHf%2FwAAAP%2F%2FAQAA%2F%2F9uvc3SmgQAAA%3D%3D HTTP/1.1
Host: growledavenuejill.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=15507995; uid_id2=9d11de8e-775a-484f-ab67-976aa4ae03ba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06133c9712ad697ed4cd9ce007eff482
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qwq%2FNANhVsXQdgJwhZ1eSdsdgLa8UQr8KmH1I5F%2FMG%2F%2FwEAAP%2F%2FAQAA%2F%2F%2BWozL%2BhgQAAA%3D%3D
173.233.137.36 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qwq%2FNANhVsXQdgJwhZ1eSdsdgLa8UQr8KmH1I5F%2FMG%2F%2FwEAAP%2F%2FAQAA%2F%2F%2BWozL%2BhgQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qwq%2FNANhVsXQdgJwhZ1eSdsdgLa8UQr8KmH1I5F%2FMG%2F%2FwEAAP%2F%2FAQAA%2F%2F%2BWozL%2BhgQAAA%3D%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cfcc768047817f6f5628fe0b0f093d22
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5WndeGHbijcpgjCXhB2qMt7YbsX0J4nOoFPPaR2IuIP%2Fv4HAAD%2F%2FwEAAP%2F%2F8m97XoYEAAA%3D
173.233.137.36 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5WndeGHbijcpgjCXhB2qMt7YbsX0J4nOoFPPaR2IuIP%2Fv4HAAD%2F%2FwEAAP%2F%2F8m97XoYEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5WndeGHbijcpgjCXhB2qMt7YbsX0J4nOoFPPaR2IuIP%2Fv4HAAD%2F%2FwEAAP%2F%2F8m97XoYEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbe679c24034b2a8ec361c5a31054a79
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlaFH7qhcOsiCDtB2KIu74TNTkA7nmgFPvWQ2rGIP%2Fj3PwAAAP%2F%2FAQAA%2F%2F8wFyxqhgQAAA%3D%3D
173.233.137.60 7 B URL manuretravelingaroma.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlaFH7qhcOsiCDtB2KIu74TNTkA7nmgFPvWQ2rGIP%2Fj3PwAAAP%2F%2FAQAA%2F%2F8wFyxqhgQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlaFH7qhcOsiCDtB2KIu74TNTkA7nmgFPvWQ2rGIP%2Fj3PwAAAP%2F%2FAQAA%2F%2F8wFyxqhgQAAA%3D%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 207ad841e5838070e6f110183abe6a14
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuu%2B1RTfodhjngWDc6zRb3ZbrNjlvd3rC6yG1ExG%2F9%2Fc%2FAAAA%2F%2F8BAAD%2F%2FweCkcqGBAAA
173.233.137.36 7 B URL manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuu%2B1RTfodhjngWDc6zRb3ZbrNjlvd3rC6yG1ExG%2F9%2Fc%2FAAAA%2F%2F8BAAD%2F%2FweCkcqGBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NdMfDJ8bFTeCi0ZQFKRT1d013e0sBscxEoxJnBnJysWr9151nnlVr3ivfnSyig7oLFtwoa4qp5MJjkGdP0CRjpshKKQ3GjBx42bWwqA7qZ6G1gt17r117uKce99Hu9k58ZDR07W39bZUii74Dbf%2B0rqMuS5sfeVW3XMb7pX6uowvt6%2FUBxWY%2FFXP9Rvuy%2FU3BdvUC03Xc13P9eqL0ohQDxamLGRy2PMaPbfRbjY8v42B%2BW9vMweWOuD5OXkakk%2F%2Bt%2FHgPiQbI46%2BvS7sZqqTV96IMkVTbZDzg3fjzVgXMaJ5GRoHYXwwm4a2E0I%2BuwAdH8wcQOd7lQMEckKcXzwE8cFMJoJ8%2F7HSQEHECPgTKPIxhBpD0jGYvg3JTwjAOFZWEUd3V7Qp6NZjllbshNQe%2FQlZTEjt7BnE0dfXlBzUb2qVpVLHFoOwhByMIftjJNkR0m0HsjgCSz%2BE5D%2BThUfLiKO9Vas0JC%2Bn7qUcQ4ZjKDEEtQ6y6pMOstBBljiI%2BGmd%2Br3QdTthELZa3TZjrNVizO9e5j5vtbuhi4xV8oZIkyGYGoKZHSRmB5vykxP%2FBZjsB9iNEpY7sOmEOO%2FsIOclCkFQWIKCEhSSoEgJirzc58o2bXmXK5sF3iw3Z7lVjnTa36X7Ou2LmICa4W5yTp6aruePSxexKU7rnLnNwO%2FxpmCdTrMbdDxf%2BD5jrBO2u0J0YGUJaS9MHW9Xt%2Fr1IZIq8zME9AhWHYFJBzTzQItRp%2BmCbozaXRfb8TdhZqWOI51LYRupBtclkrSGdMvZVefk2amU5y%2F%2BDsGOr9577vCS9%2BJDMFMiMSXelz8S9NWd0Q1dkL0burDk%2FmqSykhu0%2BqKN1Oaiov33hJbhTZ86bodfvkaq4iqPLwlbLpMYy7jviVfXZOcC7OoDRPkuyW7LoK1zG5cy0ycJctrry8uRYkRthI7BpUnq3%2BByQmpffD99H0%2B%2BdPHkGYMk5WIsmMyC0h9BJbswCZz9VYTGDWfCRIHRVaOTDOY%2F1SSQIl5T4MS9l99MK937R30TQ00vY04KpGbErkqQdUQNvv%2FKE3M8dUHn1fxBQJVGwXK1PYCZdSn09VW8FsF5xWcwcrTuu%2B1RTfodhjngWDc6zRb3ZbrNjlvd3rC6yG1ExG%2F9%2Fc%2FAAAA%2F%2F8BAAD%2F%2FweCkcqGBAAA HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efa33c55d0fff3e2670e6bb47acedb8c
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qzqe03RDtotxnkgGPda9Ua74bp1zputjvA6SO1YxB%2F8%2Bx8AAAD%2F%2FwEAAP%2F%2Fgqu8GIYEAAA%3D
173.233.137.36 7 B URL manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qzqe03RDtotxnkgGPda9Ua74bp1zputjvA6SO1YxB%2F8%2Bx8AAAD%2F%2FwEAAP%2F%2Fgqu8GIYEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitTkZY9KLiRfAwCIqCTLpnpndm3MNiXCPBmMTdlZw8VFdVT8pUdzVV3dOTnKIrsscRPKinzptkg2tQ9w9QZOJlCQqZiwZMvHjZs7DoTXp2YNwP%2BvvR7zu89776dC%2B7IB4yerb%2Brt6RStEFv%2BZWX9mQMde5ra7erHpuzb1S3ZDx5eaVar9Mpve65%2Fo199Xq24Jt6YW667mu53rVJWlEqPsLExQyOep4tY5ba9Zrnt9E3zw%2B28yBpQ5474I8C8nHT2zevwfJRoij768Ju5Xq5LW3okzRVBv0%2BOH78Vas8xjRrA2NgzA%2BnG5D2zEhX8xBx4dTBdC9%2FVIBAjkmzm8egvhwShNB7%2BAR00BBxAj4U8h7Iwg1gqQjMH0Lkp8SgHGsriGO7qxqk9PtRygt0TGpPPwbMh%2BTyvlziKNvF5XsV29olaVSxxb9sIDsjyC7IyTZMdIdBzI%2FBks%2FhuS%2FkoWHK4ij%2FTWrNCQvJuqlHEGGIygxALUOsvKTDrLQQZY4iPhZlfqd0HVbYRA2Gu0mY6zRYMxvX%2BY%2BbzTboYuMlfQGSJMBmBqAmV0kZhdb8rNT%2FyWY7CfYzQKWO7DpmDjv7aLHC%2BSCILcEOSXIJUGeEuS94oArW7fFHa5sFnjTWp%2FWRjHUaXePHui0K2ICagZ7yQV5ZmLPX5fmsSXOqpy59cDv8LpgrVa9HbQ8X%2Fg%2BY6wVNttCtGBlAWnnJop3ylv9%2FgBJWfk5AnoMq47BpAOaeaD5sFV3QTeHzbaLnfi7MLNSx5HuSWFrqQbXBZK0gnTb2VMX5PkJlRfn%2F4BgJ1fvvnB0yXv5AZgpkJgCH8qfCbrq9vC6zsn%2BdZ1bcm8tSWUkd2h5xRspTcX83XfEdq4NX75mB1%2B%2FwUqgbI9uCpuu0JjLuGvJN4uSc2GWtGGC%2FLBsN0SwntnNxczEWbKy%2FubScpQYYUuyI1B5uvYPmByTykc%2FTt7n0798AmlGMFmBKDsh04DUx2DJLmwyY281gVGznSCZQ54VQ1MPZj%2BVJFBiNtOggP3fHMz6PXsbXVMBTW8hjgr0TIGeKkDVADZ7cpgm5uTq%2FS%2FL%2BAqBqgwDZSr7gTLq89LaPyf%2BlumiTOew8qzqe03RDtotxnkgGPda9Ua74bp1zputjvA6SO1YxB%2F8%2Bx8AAAD%2F%2FwEAAP%2F%2Fgqu8GIYEAAA%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28d85ab8962c2b9673bc9e1e0d81a30a
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
172.64.173.31 27 kB URL friendshipmale.com/sfp.js
IP 172.64.173.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f9e0e29527f899df607591fea92c94ff
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 23:17:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDBxiyvKb4AJp9NBeNX6KlpQ0ViF%2B5asgyjAZ5YDR%2F8AxknhTiKj1GGCR1DkyhFZHNKpYIuM0n2l5vMS6vpPjKxrkpFSPiU%2Fp3KCynnPx3S4DHlS77VJmjklA7cbaLGMVL37RKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f6bde448c4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
unseenreport.com/pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b005c98326c3554c8acdc4604221173c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
192.243.59.20 1 B URL unseenreport.com/pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b005c98326c3554c8acdc4604221173c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b005c98326c3554c8acdc4604221173c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0814b0ff885e55f9f6e766734ff004b5
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=82fe0b644d03b2da47a79435101845c5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
192.243.59.20 1 B URL unseenreport.com/pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=82fe0b644d03b2da47a79435101845c5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=f5b6b975-8318-4b40-8d29-1f8954290460&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=82fe0b644d03b2da47a79435101845c5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9377c95ec9db10ca34a3bf4a81368464
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
173.233.137.36 23 kB URL manuretravelingaroma.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (59544)
Hash 893947f40a7609fca60c083e009d8f58
98f49ae7d2cc4b626258997247d61e880a0decc7
ccc556c8deeb5d40fdaea96bce7897e2a0ada04f6e0f8532c74067c69940f2f0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_new=0; u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c46918280c1cea31617d2a1fcb2d733
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5Wndd9ri27Q7TDOA8G412m2ui3XbXLe7vSE10NqJyL%2B4O9%2FAAAA%2F%2F8BAAD%2F%2F%2BZn9biGBAAA
173.233.137.36 7 B URL manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5Wndd9ri27Q7TDOA8G412m2ui3XbXLe7vSE10NqJyL%2B4O9%2FAAAA%2F%2F8BAAD%2F%2F%2BZn9biGBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3swPlp8XFS%2BCh0FQFGTSPTO9M%2BMeFtd1JRiTuLuSk4fqqupJmequpqo%2FJjlFF5Y9juBBPXWeSTa4BnX%2FAEUmXpagkLlowMSLlz0Li96kZwdGX%2Bj3o5%2F38DzPW3d2s3PiIaOna%2B%2FqbakUXfQbbv2VdRlzXdj6yq265zbcy%2FV1GV9qX64PqmTy1z3Xb7iv1t8WbFMvNl3PdT3Xq1%2BXRoR6sDhFIZPDntfouY12s%2BH5bQzMf2ebObDUAc%2FPybOQfPK%2FjYcPINkYcfTtNWE3U5289laUKZpqg5wfvB9vxrqIEc3b0DgI44PZNrSdEPLZBej4YKYAOt%2BrFCCQE%2BL84iGID2Y0EeT7T5gGCiJGwJ9CkY8h1BiSjsH0bUh%2BQgDGsbKKOLq3ok1Bt56gtEInpPb4T8hiQmpnzyGOvr6q5KB%2BU6sslTq2GIQl5GAM2R8jyY6QbjuQxRFY%2BjEk%2F5ksPl5GHO2tWqUheTlVL%2BUYMhxDiSGodZBVn3SQhQ6yxEHET%2BvU74Wu2wmDsNXqthljrRZjfvcS93mr3Q1dZKyiN0SaDMHUEMzsIDE72JSfnPgvwWQ%2FwG6UsNyBTSfEeW8HOS9RCILCEhSUoJAERUpQ5OU%2BV7Zpy3tc2SzwZrU5q61ypNP%2BLt3XaV%2FEBNQMd5Nz8szUnj8uLmBTnNY5c5uB3%2BNNwTqdZjfoeL7wfcZYJ2x3hejAyhLSXpgq3q5u9esjJFXlZwjoEaw6ApMOaOaBFqNO0wXdGLW7Lrbjb8LMSh1HOpfCNlINrkskaQ3plrOrzsnzUyovLpxDsOMr9184vOi9%2FAjMlEhMiQ%2FljwR9dXd0Qxdk74YuLHmwmqQyktu0uuLNlKZi4f47YqvQhi9ds8Mv32AVULWHt4RNl2nMZdy35KurknNhrmvDBPluya6LYC2zG1czE2fJ8tqb15eixAhbkR2DypPVv8DkhNQ%2B%2Bn76Pp%2F%2B6Q6kGcNkJaLsmMwCUh%2BBJTuwyZy91QRGzXeCZAFFVo5MM5j%2FVJJAiflMgxL2X3Mw73ftXfRNDTS9jTgqkZsSuSpB1RA2%2B%2F8oTczxlYefV%2FEFAlUbBcrU9gJl1KeVtb9X6bepyVU6g5Wndd9ri27Q7TDOA8G412m2ui3XbXLe7vSE10NqJyL%2B4O9%2FAAAA%2F%2F8BAAD%2F%2F%2BZn9biGBAAA HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94967a5f176e963374eeae46606c2a34
Strict-Transport-Security: max-age=0; includeSubdomains
manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlZ9rynaQbvFOA8E416r3mg3XLfOebPVEV4HqR2L%2BIN%2F%2FwMAAP%2F%2FAQAA%2F%2F8kH6KMhgQAAA%3D%3D
173.233.137.36 7 B URL manuretravelingaroma.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlZ9rynaQbvFOA8E416r3mg3XLfOebPVEV4HqR2L%2BIN%2F%2FwMAAP%2F%2FAQAA%2F%2F8kH6KMhgQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3oyw6EXFi%2BBhEBQFmXTPTO%2FMuIfFuEaCMYm7Kzl5qK6qnpSp7mqquqcnOUUXZY8jeFBPnTfJBteg7h%2BgyMTLEhQyFw2YePGyZ2HRm%2FRkYNwP%2BvvR7zu89776dDc7Jx4yerr2rt6WStF5v%2BZWX1mXMde5ra7cqnpuzb1aXZfxlebVar9Mpve65%2Fo199Xq24Jt6vm667mu53rVRWlEqPvzExQyOex4tY5ba9Zrnt9E3zw%2B28yBpQ5475w8C8nHT2w8uA%2FJRoij768Lu5nq5LW3okzRVBv0%2BMH78Was8xjRrA2NgzA%2BmG5D2zEhX1yCjg%2BmCqB7e6UCBHJMnN88BPHBlCaC3v4F00BBxAj4U8h7Iwg1gqQjMH0bkp8QgHGsrCKO7q5ok9OtC5SW6JhUHv0NmY9J5ew5xNG3C0r2qze1ylKpY4t%2BWED2R5DdEZLsCOm2A5kfgaUfQ%2FJfyfyjZcTR3qpVGpIXE%2FVSjiDDEZQYgFoHWflJB1noIEscRPy0Sv1O6LqtMAgbjXaTMdZoMOa3r3CfN5rt0EXGSnoDpMkATA3AzA4Ss4NN%2BdmJ%2FxJM9hPsRgHLHdh0TJz3dtDjBXJBkFuCnBLkkiBPCfJesc%2BVrdviLlc2C7xprU9roxjqtLtL93XaFTEBNYPd5Jw8M7Hnr8tz2BSnVc7ceuB3eF2wVqveDlqeL3yfMdYKm20hWrCygLSXJoq3y1v9%2FhBJWfkZAnoEq47ApAOaeaD5sFV3QTeGzbaL7fi7MLNSx5HuSWFrqQbXBZK0gnTL2VXn5PkJlRfnziDY8bV7Lxxe9l5%2BCGYKJKbAh%2FJngq66M7yhc7J3Q%2BeW3F9NUhnJbVpe8WZKUzF37x2xlWvDl67bwddvsBIo28NbwqbLNOYy7lryzYLkXJhFbZggPyzZdRGsZXZjITNxliyvvbm4FCVG2JLsCFSerP4DJsek8tGPk%2Ff59C%2BfQJoRTFYgyo7JNCD1EViyA5vM2FtNYNRsJ0gqyLNiaOrB7KeSBErMZhoUsP%2Bbg1m%2Fa%2B%2Bgayqg6W3EUYGeKdBTBagawGZPDtPEHF978GUZXyFQlWGgTGUvUEZ9Xlr7Z5n%2BKNP5hdNWnlZ9rynaQbvFOA8E416r3mg3XLfOebPVEV4HqR2L%2BIN%2F%2FwMAAP%2F%2FAQAA%2F%2F8kH6KMhgQAAA%3D%3D HTTP/1.1
Host: manuretravelingaroma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=14944260; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a22a0af399d28a284c7a4890b975ea63
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
45.133.44.9 9.0 kB URL cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a56f06ca83ee06488a213b352e00bd90
aec437b74eb6f1143683872fb2d664286da4a664
7144c526762a9d91bdde1939194c2835f2cb1afe0ebac298bbdf1e9239b539ec
GET /si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/png
content-length: 9016
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:51:52 GMT
etag: "655b7288-2338"
expires: Wed, 06 Dec 2023 23:17:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
172.64.109.10 591 B URL cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP 172.64.109.10:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1874153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dptzgXes4QSy5XuzcZisNYzONc5DQ0fZKfrr9RKYyeszxM3fsKFAidtmDl9mrKfWw9j0CiGCK75nyPgc2l5ci0YjBWhobiHECNNr%2Fe5x9VwMK5abRiRiGTVmOOz%2BFzsMN7x2RQx89DnJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f9286063f3-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
172.64.109.10 25 kB URL cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP 172.64.109.10:0
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:06:42 GMT
etag: W/"62136432-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 566057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEwQkt37RxnXBwxBvsyT1fY70KhSW%2BvsG%2BfnyNMZ0bLtbk7x8JBSYGV%2F1074ibtjSC%2BlrEMD4ru5XMBD%2BEWSl8EJjKuUwrYx%2BRE3feDzxqUmaOI1kdtyXcQzuHMGqeRnMAMAQxCgKdTM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2f8dfdf63f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 1.2 kB URL fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
File type gzip compressed data, max compression\012- data
Hash ec36bb169cac5a6601762a07cf236aa9
80d06a37b7ae261591b4d94c75e35b22d63d0426
9c270da58ca8dbeba22964b9ac46a7e920bbd460756c0ae7cf50ea84e450244e
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 23:17:13 GMT
date: Mon, 04 Dec 2023 23:17:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tournamentfosterchild.com/pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136
173.233.137.60 0 B URL tournamentfosterchild.com/pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136
IP 173.233.137.60:0
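Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of a zero-length body (the response is 0 B), so they identify no content and should not be used as file indicators.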
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136 HTTP/1.1
Host: tournamentfosterchild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
172.67.219.12 0 B URL banquetunarmedgrater.com/advertisers.js
IP 172.67.219.12:0
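Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of a zero-length body (the response is 0 B), so they identify no content and should not be used as file indicators.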
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:14 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: c827329e60e8abc84789ee959c5d7e7f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 23:17:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ3xW%2FCu66NoR4KKPPd6JzZVGzF4YPNTjw5kbqZGstK8vjoTgRbYXK6hgJV3UNS9U8cEX0HuWtHgJdpWgXbvEFMyGcuITkeiyJzTxEwNzMhXzZbQcNr6H2B39CZHsuSXrA0CoC6qKZIWMTc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2fadaf90b59-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.131 16 kB URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:52:12 GMT
expires: Thu, 28 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 437102
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
45.133.44.4 950 B URL cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, from Unix\012- data
Hash 17fe9af27c959ee2b7d8600d561dc721
a1e377b522d6ac8c4d5bb8e9fefa6a57b7a17825
8377a5fa231c6855b667aecf2a687109476edde00d4097f4da88484da9b0cb00
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:13 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 05 Dec 2023 00:17:13 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
growledavenuejill.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7unuzIx7WFzXrMGYhP1DDuKhuqp6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW8yk4HRB1Xvfe%2Brw%2Fe9V5%2FsFafEQ0FPNt7TfakUXQzrbu3Spky5Lm1t7VbNc%2Bvu5dqmTJeCy7Xe5DLdNzw3rLuv1a4Ltq0XG67nup7r1ZalEbHuLU5ZyOxB26u33XrQqHthgJ75L7aFA0sd8O4peQGSj%2F%2B39eMjSDZCmnx9TdjtXGevv50UiubaoMsPb6fbqS5TJPMyNg7i9HD2GtqOCfnsHHR6OHMA3d2fOEAkx8T5xUOUHs5kIuoenCmNFESKiP8fZXcEoUaQdASm70DyxwRgHGvrSJP7a9qUdOeMpRN2TC48%2BwuyHJMLTy4iTR5eVbJXu6lVkUudWvTiCrI3guyMkBVHyPsOZHkEln8MyX8ii89WkSb761ZpSH7ySpt7HhctsdBshnQhaAXxAo2Wmgvt5hKlARWuH9HpiKQcQcYjKDEAtQ6KyZEOithBkTlI%2BEmNhu3YdZtxFPt%2BK2CM%2BT5jYWuJh9wPWrGLgk08DJBnAzA1ADO7yMwutuW9x%2BGrMMX3sFsVLHdgc4Iur1AKgtISlJSglARlTlB2qwOubMNW97myReTNcmOW%2FWqo884ePdB5R6QE1Az2slPy%2FHR%2Bf%2BIlbIuTWqsRCzdaCgLu%2BlGD06BJm%2B3ADz3XawUhC2FlBWnPTd32J8v89Q9kk8yfIKJHsOoITDqgxcug5bDZcEG3hkHLRT%2F9Ki6s1Gmiu1LYeq7BdYUsv4B8x9lTp%2BTFqZR3vn0fgh1f%2BbT%2F2%2FWHFz8CMxUyU%2BFD%2BQNBR90d3tAl2b%2BhS0serWe5TGSfTtZ8M6e5OP%2FFu2Kn1IavXLODz99kE2JSPrglbL5KUy7TjiVfXpWcC7OsDRPkuxW7KaKNwm5dLUxaZKsbby2vJJkRdiJ2BCrHhDz9BkyOyXNP7fQLX7r9O6QZwRQVkuKYzAJSH4Flu7DZvGc1gVFzHGUOyqIamkY0bypJoMQc06iC%2FReO5vWevYuOcUDzO0iTCl1ToasqUDWALc4P88wcX%2FnZnwYi5QwjZZz9SBl172y4Vp7UQi8QrajVZJxHgnGv2fBbvus2OA%2BabeG1kduxSD%2F4%2Bx8AAAD%2F%2FwEAAP%2F%2FerVDNJoEAAA%3D
173.233.139.164 7 B URL growledavenuejill.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7unuzIx7WFzXrMGYhP1DDuKhuqp6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW8yk4HRB1Xvfe%2Brw%2Fe9V5%2FsFafEQ0FPNt7TfakUXQzrbu3Spky5Lm1t7VbNc%2Bvu5dqmTJeCy7Xe5DLdNzw3rLuv1a4Ltq0XG67nup7r1ZalEbHuLU5ZyOxB26u33XrQqHthgJ75L7aFA0sd8O4peQGSj%2F%2B39eMjSDZCmnx9TdjtXGevv50UiubaoMsPb6fbqS5TJPMyNg7i9HD2GtqOCfnsHHR6OHMA3d2fOEAkx8T5xUOUHs5kIuoenCmNFESKiP8fZXcEoUaQdASm70DyxwRgHGvrSJP7a9qUdOeMpRN2TC48%2BwuyHJMLTy4iTR5eVbJXu6lVkUudWvTiCrI3guyMkBVHyPsOZHkEln8MyX8ii89WkSb761ZpSH7ySpt7HhctsdBshnQhaAXxAo2Wmgvt5hKlARWuH9HpiKQcQcYjKDEAtQ6KyZEOithBkTlI%2BEmNhu3YdZtxFPt%2BK2CM%2BT5jYWuJh9wPWrGLgk08DJBnAzA1ADO7yMwutuW9x%2BGrMMX3sFsVLHdgc4Iur1AKgtISlJSglARlTlB2qwOubMNW97myReTNcmOW%2FWqo884ePdB5R6QE1Az2slPy%2FHR%2Bf%2BIlbIuTWqsRCzdaCgLu%2BlGD06BJm%2B3ADz3XawUhC2FlBWnPTd32J8v89Q9kk8yfIKJHsOoITDqgxcug5bDZcEG3hkHLRT%2F9Ki6s1Gmiu1LYeq7BdYUsv4B8x9lTp%2BTFqZR3vn0fgh1f%2BbT%2F2%2FWHFz8CMxUyU%2BFD%2BQNBR90d3tAl2b%2BhS0serWe5TGSfTtZ8M6e5OP%2FFu2Kn1IavXLODz99kE2JSPrglbL5KUy7TjiVfXpWcC7OsDRPkuxW7KaKNwm5dLUxaZKsbby2vJJkRdiJ2BCrHhDz9BkyOyXNP7fQLX7r9O6QZwRQVkuKYzAJSH4Flu7DZvGc1gVFzHGUOyqIamkY0bypJoMQc06iC%2FReO5vWevYuOcUDzO0iTCl1ToasqUDWALc4P88wcX%2FnZnwYi5QwjZZz9SBl172y4Vp7UQi8QrajVZJxHgnGv2fBbvus2OA%2BabeG1kduxSD%2F4%2Bx8AAAD%2F%2FwEAAP%2F%2FerVDNJoEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3t3f6YcHZS8iwhwUVjCT7unuzIx7WFzXrMGYhP1DDuKhuqp6Uqa6q6nqnp6Ml%2BCC7HEWPHjsfJNsUJfV9SgIMvEiAWHHg%2BawAfEkyF6EBW8yk4HRB1Xvfe%2Brw%2Fe9V5%2FsFafEQ0FPNt7TfakUXQzrbu3Spky5Lm1t7VbNc%2Bvu5dqmTJeCy7Xe5DLdNzw3rLuv1a4Ltq0XG67nup7r1ZalEbHuLU5ZyOxB26u33XrQqHthgJ75L7aFA0sd8O4peQGSj%2F%2B39eMjSDZCmnx9TdjtXGevv50UiubaoMsPb6fbqS5TJPMyNg7i9HD2GtqOCfnsHHR6OHMA3d2fOEAkx8T5xUOUHs5kIuoenCmNFESKiP8fZXcEoUaQdASm70DyxwRgHGvrSJP7a9qUdOeMpRN2TC48%2BwuyHJMLTy4iTR5eVbJXu6lVkUudWvTiCrI3guyMkBVHyPsOZHkEln8MyX8ii89WkSb761ZpSH7ySpt7HhctsdBshnQhaAXxAo2Wmgvt5hKlARWuH9HpiKQcQcYjKDEAtQ6KyZEOithBkTlI%2BEmNhu3YdZtxFPt%2BK2CM%2BT5jYWuJh9wPWrGLgk08DJBnAzA1ADO7yMwutuW9x%2BGrMMX3sFsVLHdgc4Iur1AKgtISlJSglARlTlB2qwOubMNW97myReTNcmOW%2FWqo884ePdB5R6QE1Az2slPy%2FHR%2Bf%2BIlbIuTWqsRCzdaCgLu%2BlGD06BJm%2B3ADz3XawUhC2FlBWnPTd32J8v89Q9kk8yfIKJHsOoITDqgxcug5bDZcEG3hkHLRT%2F9Ki6s1Gmiu1LYeq7BdYUsv4B8x9lTp%2BTFqZR3vn0fgh1f%2BbT%2F2%2FWHFz8CMxUyU%2BFD%2BQNBR90d3tAl2b%2BhS0serWe5TGSfTtZ8M6e5OP%2FFu2Kn1IavXLODz99kE2JSPrglbL5KUy7TjiVfXpWcC7OsDRPkuxW7KaKNwm5dLUxaZKsbby2vJJkRdiJ2BCrHhDz9BkyOyXNP7fQLX7r9O6QZwRQVkuKYzAJSH4Flu7DZvGc1gVFzHGUOyqIamkY0bypJoMQc06iC%2FReO5vWevYuOcUDzO0iTCl1ToasqUDWALc4P88wcX%2FnZnwYi5QwjZZz9SBl172y4Vp7UQi8QrajVZJxHgnGv2fBbvus2OA%2BabeG1kduxSD%2F4%2Bx8AAAD%2F%2FwEAAP%2F%2FerVDNJoEAAA%3D HTTP/1.1
Host: growledavenuejill.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=15507995; uid_id2=9d11de8e-775a-484f-ab67-976aa4ae03ba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2190af4428d565176508ccb1ddc58f6d
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.131 16 kB URL fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www4.fusionmovies.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:43:03 GMT
expires: Tue, 26 Nov 2024 23:43:03 GMT
cache-control: public, max-age=31536000
age: 603251
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
traumatizedenied.com/pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136
173.233.137.44 0 B URL traumatizedenied.com/pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136
IP 173.233.137.44:0
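Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of a zero-length body (the response is 0 B), so they identify no content and should not be used as file indicators.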
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2525&rd=2525&fd=239&bv=23.12.v.1&tmpl=136 HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
growledavenuejill.com/pixel/sbs?c=1
173.233.139.164 0 B URL growledavenuejill.com/pixel/sbs?c=1
IP 173.233.139.164:0
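Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of a zero-length body (the response is 0 B), so they identify no content and should not be used as file indicators.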
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: growledavenuejill.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Cookie: u_pl=15507995; uid_id2=9d11de8e-775a-484f-ab67-976aa4ae03ba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www4.fusionmovies.to/addons/img/favicon/apple-touch-icon-114x114.png
104.21.69.70 5.8 kB URL www4.fusionmovies.to/addons/img/favicon/apple-touch-icon-114x114.png
IP 104.21.69.70:0
File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash bbf68c0e005cc35f16b9e1032e32226c
77e90f3cd4cb7bca0ccd042f859a131a6b759e53
01c3d8a6dabbd4cedccfce871f5bdf0a9367a44842e569056f2c8f9072066a65
GET /addons/img/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f5b6b975-8318-4b40-8d29-1f8954290460%3A3%3A1; pp_main_b005c98326c3554c8acdc4604221173c=1; sb_main_82fe0b644d03b2da47a79435101845c5=1; sb_count_82fe0b644d03b2da47a79435101845c5=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=heartsawpeat.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=growledavenuejill.com; pp_main_65aa283021630dfd9030555c4c61a78c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:14 GMT
content-type: image/png
content-length: 5823
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-16bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.10:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1003264
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3gZ2MNWcJaCdqTZufu7Q4ZnZSEXjB3DDyhUMBlZGZg1cTUoNMBk6BJUdMxhsg7RgU42MBe4Icab9D5QSkQ9csohyE9J3rno6ZRV1qliPp4PE8V37QI5F6HUYSYUVoZR9HIgN7PG8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2fcfea556a8-OSL
alt-svc: h3=":443"; ma=86400
www4.fusionmovies.to/addons/img/favicon/favicon.png
104.21.69.70 7.0 kB URL www4.fusionmovies.to/addons/img/favicon/favicon.png
IP 104.21.69.70:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 020bd7c45518a2405abd43890a0261fe
fcb82e93770f5917775e0b81a67b7f591976562f
5c8dc21dae100d007cb808d33d500ea7dbdb287f0957fdc39c7dc568f729462c
GET /addons/img/favicon/favicon.png HTTP/1.1
Host: www4.fusionmovies.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/film/deadpool-2/Wqccxzip
Cookie: advanced-frontend=mdma5l4cvlpu8ulpm1m7hi9gp4; _tezer_top=4c91bb31fa214e15044107ab08b6072248b996a3f24652ba323b61d541d14ea7a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_tezer_top%22%3Bi%3A1%3Bs%3A11%3A%22top_tezer_3%22%3B%7D; _tezer_bottom=fc81626dc7940858d98f9ba49641ce9a1cc9c4adcf03cdcdfd06fa173eb1db18a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_tezer_bottom%22%3Bi%3A1%3Bs%3A14%3A%22bottom_tezer_3%22%3B%7D; _on_page=e9fc62b40b932ba8ae7e6835b6189f6506049f8e8410e15349688e402b8bf7f4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_on_page%22%3Bi%3A1%3Bs%3A8%3A%22onpage_1%22%3B%7D; _csrf-frontend=d4de528229b4be16a9422e7ff4c4ec9030068e2d218fcd045aec0dd110079f11a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22BfW85V_HC53FddbJFiXf1d0V0Nk73Wnu%22%3B%7D; _ga_SJHQC2SVWN=GS1.1.1701731837.1.0.1701731837.0.0.0; _ga=GA1.1.1061270545.1701731838; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f5b6b975-8318-4b40-8d29-1f8954290460%3A3%3A1; pp_main_b005c98326c3554c8acdc4604221173c=1; sb_main_82fe0b644d03b2da47a79435101845c5=1; sb_count_82fe0b644d03b2da47a79435101845c5=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=heartsawpeat.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=growledavenuejill.com; pp_main_65aa283021630dfd9030555c4c61a78c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:17:14 GMT
content-type: image/png
content-length: 6998
last-modified: Tue, 13 Apr 2021 19:18:47 GMT
etag: "6075ee97-1b56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-upstream-addr: 10.0.0.7:443
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 736554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJTl7xVYna1T7RbOpZFwtlec3Liuz53VPyyLHvpzTr1GxNaj9MBqvm0gl61dRPWN0%2FvbuOP13beI2MHO7BVFGCNapfuVU1x%2BkVw%2B9JGNFnscGU2dSXdt7pkn5OraL8P5lT3nsT6jVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307c2fcfea656a8-OSL
alt-svc: h3=":443"; ma=86400
conqueredallrightswell.com/cg53r56kn?key=e6fe2709bdeb59722916765a9e34f7c5&psid=14944260
173.233.137.36 1.4 kB URL conqueredallrightswell.com/cg53r56kn?key=e6fe2709bdeb59722916765a9e34f7c5&psid=14944260
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (492)
Hash fceca1e23b9e8b69cd3f517e1b0fead6
0f7b3505fbf52dea681ae7918d62ef0f2051bda9
900b74dcea5dbc2b19dc62b863633bfae508e67d2d7d5c102f0649396f30ba3e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cg53r56kn?key=e6fe2709bdeb59722916765a9e34f7c5&psid=14944260 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www4.fusionmovies.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:17:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15098591; expires=Tue, 05 Dec 2023 23:17:18 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.6qb4Uhc3X3eqeXmeKJ79l31WEh__sFYsZZCp5gWtBaI; expires=Mon, 04 Dec 2023 23:18:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 821abe5130a050f87e734d6e3f0094f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/api/users?token=L2NnNTNyNTZrbj9rZXk9ZTZmZTI3MDliZGViNTk3MjI5MTY3NjVhOWUzNGY3YzUmcHNpZD0xNDk0NDI2MCZwc3Q9MTcwMTczMTg5OCZyZWZlcj1odHRwcyUzQSUyRiUyRnd3dzQuZnVzaW9ubW92aWVzLnRvJTJGJnJtdGM9dCZzaHU9ZGE1ZDMxYWQyN2JkYTE3YzdlN2M5ODAxNWIwOGM1MzhjOWI2MDU5YTNmM2I0OWIyZmZjZDE3OTY5ODRhNGFiNTVkZjdhOGVjM2FkMmM1ZDk2OGExM2U4NTU2ZWIwZDY1OGVjZTZhYWY0ZmI0N2Q2YTNkNWQzYjQxMzNiZTdlYmZkYjgzZmY2ZWViYmI1ZmE1YTUwYjAxYmI1NjI2MTlhZGMwYmZjZWRhMDQzOWFlYmRkNDMzZGVjYjAyM2VkOTA2ZWU%3D&uuid=&pii=&in=false
192.243.59.13 0 B URL conqueredallrightswell.com/api/users?token=L2NnNTNyNTZrbj9rZXk9ZTZmZTI3MDliZGViNTk3MjI5MTY3NjVhOWUzNGY3YzUmcHNpZD0xNDk0NDI2MCZwc3Q9MTcwMTczMTg5OCZyZWZlcj1odHRwcyUzQSUyRiUyRnd3dzQuZnVzaW9ubW92aWVzLnRvJTJGJnJtdGM9dCZzaHU9ZGE1ZDMxYWQyN2JkYTE3YzdlN2M5ODAxNWIwOGM1MzhjOWI2MDU5YTNmM2I0OWIyZmZjZDE3OTY5ODRhNGFiNTVkZjdhOGVjM2FkMmM1ZDk2OGExM2U4NTU2ZWIwZDY1OGVjZTZhYWY0ZmI0N2Q2YTNkNWQzYjQxMzNiZTdlYmZkYjgzZmY2ZWViYmI1ZmE1YTUwYjAxYmI1NjI2MTlhZGMwYmZjZWRhMDQzOWFlYmRkNDMzZGVjYjAyM2VkOTA2ZWU%3D&uuid=&pii=&in=false
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
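Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of a zero-length body (the response is 0 B), so they identify no content and should not be used as file indicators.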
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/users?token=L2NnNTNyNTZrbj9rZXk9ZTZmZTI3MDliZGViNTk3MjI5MTY3NjVhOWUzNGY3YzUmcHNpZD0xNDk0NDI2MCZwc3Q9MTcwMTczMTg5OCZyZWZlcj1odHRwcyUzQSUyRiUyRnd3dzQuZnVzaW9ubW92aWVzLnRvJTJGJnJtdGM9dCZzaHU9ZGE1ZDMxYWQyN2JkYTE3YzdlN2M5ODAxNWIwOGM1MzhjOWI2MDU5YTNmM2I0OWIyZmZjZDE3OTY5ODRhNGFiNTVkZjdhOGVjM2FkMmM1ZDk2OGExM2U4NTU2ZWIwZDY1OGVjZTZhYWY0ZmI0N2Q2YTNkNWQzYjQxMzNiZTdlYmZkYjgzZmY2ZWViYmI1ZmE1YTUwYjAxYmI1NjI2MTlhZGMwYmZjZWRhMDQzOWFlYmRkNDMzZGVjYjAyM2VkOTA2ZWU%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/cg53r56kn?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=15098591
Cookie: u_pl=15098591; ain=eyJhbGciOiJIUzI1NiJ9.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.6qb4Uhc3X3eqeXmeKJ79l31WEh__sFYsZZCp5gWtBaI; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:17:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://shop.bigbasketshop.com/track?q=kghXWdDErq
Set-Cookie: iprc221dbd4d52238237a0b703e951c4bac4=4591122; expires=Tue, 05 Dec 2023 23:17:19 GMT
pdhtkv=true; expires=Tue, 05 Dec 2023 23:17:19 GMT
uncs=1; expires=Tue, 05 Dec 2023 23:17:19 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 23:17:19 GMT
uncs28=1; expires=Tue, 05 Dec 2023 23:17:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 983c17fedc7ad8afcb22988f3e054a57
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 2b6f1d09f14c0214f7fb6fe0214d7230
a8e867672d7627d4b680e33d7835e7f4f3dfed50
151b702bf210e7eabfec68c8abd2b16e6d2daa6fcf34ab118c1e481d7c8c7912
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 23:17:20 GMT
Last-Modified: Mon, 04 Dec 2023 23:10:58 GMT
Server: ECAcc (ska/F7AF)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Py3bog9UGiSHb7p4DOKEX9k0klE5U-82Lg3K9NuXSp-LmHQpvLA5rg==
Age: 382
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
3.74.232.250 200 OK 3.6 kB URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP 3.74.232.250:443
Certificate Issuer: Amazon
Subject: *.tradedoubler.com
Fingerprint: E6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
Validity: Wed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (314)
Hash dffa9bac5be3f386079d2028d8264f59
e264575195c6ca302170a308b3da31f924b6d60c
43ffd816104a86bae1d1e75330e61c304463fcf25e6bdb5086c34a944b1e4c68
GET /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shop.bigbasketshop.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:20 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 3610
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
vht.tradedoubler.com/fp/fpjs.js
54.230.111.4 7.7 kB URL vht.tradedoubler.com/fp/fpjs.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (19960)
Hash e967d9e86ec8ff44db0e24766ced642f
bd488430b8b4283eb82afda802a075cf841c29d3
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a
GET /fp/fpjs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7718
Connection: keep-alive
Date: Sat, 02 Dec 2023 03:49:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 09 Oct 2023 08:54:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jXSqUowQMf_xmmYnJowqlUOPDbKuyiWvxTVu4zhY2x6xttsiRHo5zA==
Age: 242898
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
clk.tradedoubler.com/favicon.ico
3.74.232.250 404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP 3.74.232.250:443
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate Issuer: Amazon
Subject: *.tradedoubler.com
Fingerprint: E6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
Validity: Wed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Mon, 04 Dec 2023 23:17:20 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
3.74.232.250 200 OK 150 B URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP 3.74.232.250:443
Certificate Issuer: Amazon
Subject: *.tradedoubler.com
Fingerprint: E6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
Validity: Wed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dc03e2e45f5c0d5e02f319e7f1e957cf
47725bedccb4c387bfc904021658cc7b343927ab
f064d039c1745fafca89f95ad9748a95b6ed51a78270b7feee25e968faef36b7
POST /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://clk.tradedoubler.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:17:20 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 150
set-cookie: GUID=1z11zz14Oz1NuDh2z38bc78aade60bdc9bb4394b425d4390c;expires=Tue, 03-Dec-2024 23:17:20 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
clk.tradedoubler.com/favicon.ico
3.74.232.250 404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP 3.74.232.250:443
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate Issuer: Amazon
Subject: *.tradedoubler.com
Fingerprint: E6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
Validity: Wed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: GUID=1z11zz14Oz1NuDh2z38bc78aade60bdc9bb4394b425d4390c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Mon, 04 Dec 2023 23:17:21 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2