Report - movearnpre.com/file/8vnxvx2o4vu7

Report Overview

Visited public
2025-05-18 12:11:25
Tags
URL
movearnpre.com/file/8vnxvx2o4vu7
Finishing URL
movearnpre.com/file/8vnxvx2o4vu7
IP / ASN
172.67.203.35
#13335 CLOUDFLARENET
Title
Watch Saving Them Both For Marriage

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-14	435 B	385 kB	142.250.74.168
movearnpre.com	unknown	unknown	No data	No data	8.8 kB	1.4 MB	104.21.77.17
layback.cc	unknown	2024-08-10	2025-03-15	2025-05-16	1.3 kB	1.2 MB	172.67.191.217
pfabiwmfmeza.milocdn.com	unknown	2024-08-10	2025-05-18	2025-05-18	2.5 kB	1.9 MB	45.156.158.23
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-14	471 B	4.3 kB	142.250.74.10
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-14	1.6 kB	26 kB	142.250.74.35
ng.hereofcineols.com	unknown	2025-01-17	2025-01-29	2025-04-16	427 B	1.5 kB	23.109.170.227
jouwaikekaivep.net	unknown	2024-10-30	2024-11-02	2025-04-19	416 B	104 kB	172.67.195.43
x3os.com	unknown	2021-03-18	2025-04-24	2025-05-15	561 B	809 B	139.45.196.64

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-18	medium	hereofcineols.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	ng.hereofcineols.com/twLvtGRo8Uhel/62124	ScriptElement	5 B	2023-03-07	2025-06-23
Pretty URL ng.hereofcineols.com/twLvtGRo8Uhel/62124 IP 23.109.170.227 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-06-23 01:50 Times Seen6418 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	153 B	2025-05-10	2025-06-20
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 11:08 Last Seen2025-06-20 18:52 Times Seen10 Hash 13734aa9c93c039107d6e183ad18d72a 782638bcb9e092580c491b7c0f0c65a131512118 87081bc5290094ee96abe8489cf1a4fb57c2efff22e52efda12a6b0364a57239 Loading...

	movearnpre.com/player/jw8/jwplayer.core.controls.js?v=42	ScriptElement	331 kB	2024-12-01	2025-06-23
Pretty URL movearnpre.com/player/jw8/jwplayer.core.controls.js?v=42 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 14:07 Last Seen2025-06-23 03:20 Times Seen85 Hash bc91b5efc8f4bb2482c2d7d5d8d9b691 5db922c4c6caf3a7d22f57a21670281d5c31994b f061c139ad68d7ed1360ab6a2c8842466d2913582468c48eb2d1ee2a651fb495 Loading...

	movearnpre.com/static/js/app.js?	ScriptElement	120 B	2023-05-24	2025-06-07
Pretty URL movearnpre.com/static/js/app.js? IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 01:42 Last Seen2025-06-07 06:12 Times Seen79 Hash a79f8fabfb7648a13210846a85a88cf7 6712b8182af3de12fda154bee96ff127cfc963fe ec33448e18837c25e8bad49acb1b6d8a67f9aa49b2804bcd4c8d109ae4e96754 Loading...

	movearnpre.com/js/jquery.cookie.js	ScriptElement	4.3 kB	2023-03-07	2025-06-23
Pretty URL movearnpre.com/js/jquery.cookie.js IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-23 03:50 Times Seen1693 Hash ae0c2c5d8f01f7d35bb698bb618a62f7 63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Loading...

	movearnpre.com/static/js/xupload.js?	ScriptElement	14 kB	2024-12-20	2025-06-07
Pretty URL movearnpre.com/static/js/xupload.js? IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 09:13 Last Seen2025-06-07 06:12 Times Seen20 Hash 1be9e64c09c4be762646bfac494d5a4c 5ec4c04c97217366b17c547b4f7d1fd603a70c73 7c2338576a43210cb210a6b7af1d267b431caa95c9f451a4d9f284bad165d294 Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	526 B	2025-05-18	2025-06-07
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 12:11 Last Seen2025-06-07 06:12 Times Seen4 Hash c395a456afc6a72d445625a32f67d6ff 85bbb4612eec0b3233c91704a37e47cdf18088b3 00fb12ba70f04235aeeed76590e44ef41b073f1d949a165ffa6758ec2395324a Loading...

	movearnpre.com/js/localstorage-slim.js	ScriptElement	2.1 kB	2023-03-07	2025-06-23
Pretty URL movearnpre.com/js/localstorage-slim.js IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52 Last Seen2025-06-23 03:20 Times Seen587 Hash ba6facacb00551830393d637195804cf 77d2d2802ee44767b33a2d679945cc3efa3619cc 41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38 Loading...

	movearnpre.com/js/tabber.js	ScriptElement	6.1 kB	2023-03-07	2025-06-20
Pretty URL movearnpre.com/js/tabber.js IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-06-20 16:20 Times Seen209 Hash f6be5160018c4101fa76b42650b5a1a6 d8d3efdadf32bb4fd6daac619575969b241d2864 c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a Loading...

	movearnpre.com/static/js/bootstrap.bundle.min.js?	ScriptElement	80 kB	2023-03-07	2025-06-22
Pretty URL movearnpre.com/static/js/bootstrap.bundle.min.js? IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-06-22 21:35 Times Seen1044 Hash 2faceb2d3db75ced808545e78fab94ed c663baa051856b64d746629a961e23bbf0fbaf8c c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	851 B	2025-05-18	2025-05-18
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 12:11 Last Seen2025-05-18 12:11 Times Seen1 Hash 0eca6fa7792bae8dbdc1f8bee93b095a 81927368a35d783698adafe4b850e31733860b6b cd855eeb26386a2bec31deba89c841f881850c077d7182a80c73c233ef819bac Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	53 B	2023-03-29	2025-06-20
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:26 Last Seen2025-06-20 18:52 Times Seen156 Hash 4850721277c7d8758ba7c9ec2256469b 6ffc7ffe25c8cc9f8b8aeaa0409becfb8bf76e26 18e4d0daeea338888efa2cd480b1981e06f9aafd175bda6a119db7009d6c949c Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	60 B	2023-03-07	2025-06-23
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-23 03:20 Times Seen435 Hash 76cc6a7775b7b653ba5a7d7f9cea4eb4 6484c7b286038e9a60c38f4adc61e6ba30062c91 a00f1ced7d3bab63e82c08fdb0b05b0e9659805756c15b085c2b9804671302c9 Loading...

	movearnpre.com/player/jw8/jwplayer.js?v=6	ScriptElement	148 kB	2025-04-01	2025-06-23
Pretty URL movearnpre.com/player/jw8/jwplayer.js?v=6 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 21:32 Last Seen2025-06-23 03:20 Times Seen45 Hash 581ff912c413cd78a30f5c212f42271a 79af689432d0f20cd1d951eb9436711da07decd4 c708d26c24b48c3343e8cc7879d07e8ca6f23d1cc1e5df165a9f8e24a7c5830e Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	7.0 kB	2025-05-18	2025-05-18
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 12:11 Last Seen2025-05-18 12:11 Times Seen1 Hash 009fce671c140a9b18e88ab584b158db 2a61650fb19b74f45fc376c18aad749c1f741f26 2470bc84c2d485889cface5f54cf0d03eb255863be1b1a30013dba80120c4bbb Loading...

	movearnpre.com/file/8vnxvx2o4vu7	Eval	7.5 kB	2025-05-18	2025-05-18
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-18 12:11 Last Seen2025-05-18 12:11 Times Seen1 Hash f303c3c72b71e9fac25a11e32a3c9583 94b310f1a39f7920b176d553dd2246de4310f764 d05e319f3e4c7f6e0902395f73656142b8bb648c25b441ffe27c5a650420a8be Loading...

	movearnpre.com/assets/jquery/css100.js?v=1.1	ScriptElement	5.5 kB	2025-05-18	2025-05-18
Pretty URL movearnpre.com/assets/jquery/css100.js?v=1.1 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 12:11 Last Seen2025-05-18 12:11 Times Seen1 Hash 82627f1f107041b70a5b0dc926613eb1 7820d851e12917736ca856684d3391a864e1d6cc 4673a7261358481af483796531081e567810eca4f75d3ba083f71d200869b469 Loading...

	movearnpre.com/static/js/jquery-3.2.1.min.js?	ScriptElement	87 kB	2023-03-07	2025-06-23
Pretty URL movearnpre.com/static/js/jquery-3.2.1.min.js? IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-23 04:48 Times Seen38535 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	760 B	2024-12-23	2025-06-02
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-23 11:41 Last Seen2025-06-02 00:39 Times Seen11 Hash b4bed82b36017d64fd767676327f569e e71e6646545b89eb1550cfb76dc9be434fc74a7f c03e2288e9737967da2b5cac74e898eee5e7406dbc7c44869d7f1ef03ee616d6 Loading...

	www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ	ScriptElement	384 kB	2025-05-18	2025-05-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 12:11 Last Seen2025-05-18 12:11 Times Seen1 Hash 683168fa8e87c46a0659bdc78583a70b 31835f8443f09c07f44787e7611a6b943eaf24cc b32c63695e2e0003784e86bfaf827a8fd06f938aa44eae06cd85fefc7aa5af81 Loading...

	movearnpre.com/player/jw8/provider.hlsjs.js?v=42	ScriptElement	462 kB	2025-04-01	2025-06-23
Pretty URL movearnpre.com/player/jw8/provider.hlsjs.js?v=42 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 21:32 Last Seen2025-06-23 03:20 Times Seen45 Hash b88ce761b9ebc2a7859a2e03b33ce1ed 70d94f3c48460af13fc14eea9e5969f8f28d1a3a 0b009d01bf513b1059d8ee15e1a8b57faeb5f8066c0f47d2cf8e1dd2454e5b28 Loading...

	movearnpre.com/ad?type=959544357405	ScriptElement	4.1 kB	2025-02-26	2025-06-20
Pretty URL movearnpre.com/ad?type=959544357405 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 03:12 Last Seen2025-06-20 18:52 Times Seen28 Hash 6374a71794fb1b28a620e89fb3453bae ff2b29384e980be738e9e1affd60c6f0e5606cca 32f12bce51e57ec5c4f423f5f01b81e40c96c6449ec90abaff1430d82a3994bf Loading...

	movearnpre.com/file/8vnxvx2o4vu7	ScriptElement	46 B	2024-12-23	2025-06-02
Pretty URL movearnpre.com/file/8vnxvx2o4vu7 IP 104.21.77.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-23 11:41 Last Seen2025-06-02 00:39 Times Seen11 Hash 1e7a15c9e7fe5185acb50716d02550c8 2757ed6f8f5464965b8c249b7f24a5dacfc103cf ecc117fda79f83a3eac500870e3b3994c7b6c9c4475463d0a0d73bdee41c9bf6 Loading...

	jouwaikekaivep.net/tag.min.js	ScriptElement	103 kB	2025-05-16	2025-05-21
Pretty URL jouwaikekaivep.net/tag.min.js IP 172.67.195.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-16 17:22 Last Seen2025-05-21 12:20 Times Seen15 Hash ddc19ab0a69d5eedcce14aa435f8209f 6fe055a3ccf187da759a514a89c37f37db368682 6246e5559eba7b5f91b71a1e5f976ef939079312de24883f5540e0a2a02cb89e Loading...

HTTP Transactions (33)

URL IP Response Size

GET www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ

142.250.74.168

200 OK

384 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
384 kB (384101 bytes)
Hash
683168fa8e87c46a0659bdc78583a70b
31835f8443f09c07f44787e7611a6b943eaf24cc
b32c63695e2e0003784e86bfaf827a8fd06f938aa44eae06cd85fefc7aa5af81

HTTP Headers

GET /gtag/js?id=G-48ZJD1VPGZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 May 2025 12:11:03 GMT
expires: Sun, 18 May 2025 12:11:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 128499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET movearnpre.com/js/localstorage-slim.js

104.21.77.17

200 OK

2.1 kB

URL GET
movearnpre.com/js/localstorage-slim.js
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (2063)
Size
2.1 kB (2064 bytes)
Hash
ba6facacb00551830393d637195804cf
77d2d2802ee44767b33a2d679945cc3efa3619cc
41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38

HTTP Headers

GET /js/localstorage-slim.js HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEvp0TMYlZ%2Fcx8hwRKAvsDuz6nnAAZmC4zAR4NkPuncgGop%2BC87yWC1PoQN6Mhnt3KjoLcPVsqDOwOxq7gFOYVjVxz7feLnbLfg1lmL1xbXmWEOc%2FMQWd%2FpJ1KVrBvlZfw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 16 Nov 2021 10:32:06 GMT
etag: "619388a6-810"
expires: Tue, 20 May 2025 11:48:06 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 433376
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fdd2556ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2440&min_rtt=670&rtt_var=1480&sent=181&recv=74&lost=0&retrans=0&sent_bytes=152524&recv_bytes=7137&delivery_rate=24345080&cwnd=88800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=226&x=16"

GET layback.cc/8vnxvx2o4vu7.jpg

172.67.191.217

200 OK

41 kB

URL GET
layback.cc/8vnxvx2o4vu7.jpg
IP
172.67.191.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectlayback.cc
FingerprintA4:EF:6D:10:15:7E:28:E5:B2:9B:1A:79:58:4A:42:AD:42:63:B6:A8
ValidityFri, 09 May 2025 17:15:02 GMT - Thu, 07 Aug 2025 18:12:38 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 621x350, components 3
Size
41 kB (40902 bytes)
Hash
a56b0212861130b30e421e4343d9a2c9
e7d6cb77dac3d7922f9656d1bf5c4785a30c9295
b641382c8f87f807a1a3d647235d27adbcdc54daf0f0bb1920c6357b59907ee5

HTTP Headers

GET /8vnxvx2o4vu7.jpg HTTP/1.1
Host: layback.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: image/jpeg
content-length: 40902
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Thu, 08 May 2025 15:27:53 GMT
etag: "681ccd79-9fc6"
expires: Sun, 25 May 2025 12:09:38 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Rb8RY7fg1kLpTuD8gROhqF2KsrXNXPR7Iv70SF2HTMNJYLCAq4t9JhC7XERWCMLohQD3mLvGPYAn0Z8G6IYSdFOXS4lpzgQc"}]}
cf-ray: 941b41402eaf1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET movearnpre.com/js/tabber.js

104.21.77.17

200 OK

6.1 kB

URL GET
movearnpre.com/js/tabber.js
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
ASCII text, with very long lines (538)
Size
6.1 kB (6147 bytes)
Hash
f6be5160018c4101fa76b42650b5a1a6
d8d3efdadf32bb4fd6daac619575969b241d2864
c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a

HTTP Headers

GET /js/tabber.js HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdsKkuibNMDtTUSUpDdt2TQSLkNf1FhJhdFKls5WRx%2F4kuWTBcH%2FO0JqCNVys0QEi9Ftx5YOX7VODrM4RPCKd8o2gstP3FNgkSN%2F9e%2FPQpKMazRcrgHQKh%2Bs9LfCCntB1A%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 06 Jul 2010 14:48:14 GMT
etag: W/"4c33422e-1803"
expires: Wed, 21 May 2025 03:49:14 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 375708
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fdd2856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3410&min_rtt=670&rtt_var=1722&sent=91&recv=69&lost=0&retrans=0&sent_bytes=51446&recv_bytes=6902&delivery_rate=696070&cwnd=28800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=215&x=16"

GET pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/master.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304

45.156.158.23

200 OK

554 B

URL GET
pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/master.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304
IP
45.156.158.23:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerSectigo Limited
Subject*.milocdn.com
FingerprintFD:55:A0:A2:C2:CC:FC:32:F1:7B:E4:E4:18:64:BA:BA:6B:CB:D8:38
ValidityThu, 21 Nov 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
554 B (554 bytes)
Hash
23a229f87df9af5a23f7a049fdf229f0
625d293f953a82618adab52b472e255c1e566266
b106a0ff52fc4bfeccef5390a5de49fd0de7638620b8b0df844f620736f15a82

HTTP Headers

GET /hls2/01/05043/k6d3ws5pkaem_n/master.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304 HTTP/1.1
Host: pfabiwmfmeza.milocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 May 2025 12:11:04 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 18 May 2025 12:11:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 26 Aug 2025 12:11:04 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Content-Encoding: gzip

GET movearnpre.com/player/jw8/provider.hlsjs.js?v=42

104.21.77.17

200 OK

462 kB

URL GET
movearnpre.com/player/jw8/provider.hlsjs.js?v=42
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65501)
Size
462 kB (461504 bytes)
Hash
b88ce761b9ebc2a7859a2e03b33ce1ed
70d94f3c48460af13fc14eea9e5969f8f28d1a3a
0b009d01bf513b1059d8ee15e1a8b57faeb5f8066c0f47d2cf8e1dd2454e5b28

HTTP Headers

GET /player/jw8/provider.hlsjs.js?v=42 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1m8aYG4SBEIxyIBg3DoWr9fGEgx1pDnfkw5UejF%2BcxpwZ3W9Vqwrgq%2F2wpjICMQItIJaeda%2FcL1Ui4c9d5076ztLEbIf%2FpenukmXrgXkgUGFt2vCWGqW6M60g7C5ByI6w%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 28 Mar 2025 05:48:27 GMT
etag: W/"70ac0-631609e8e20c0"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1014
cf-ray: 941b4142dd6356ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2385&min_rtt=670&rtt_var=1238&sent=195&recv=80&lost=0&retrans=0&sent_bytes=163639&recv_bytes=7905&delivery_rate=1259351&cwnd=88800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=691&x=16"

GET movearnpre.com/static/images/favicon/apple-touch-icon.png

104.21.77.17

200 OK

6.1 kB

URL GET
movearnpre.com/static/images/favicon/apple-touch-icon.png
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
6.1 kB (6083 bytes)
Hash
4d6f993b516b825d65a8df3f303cbe2c
c4d69b61828d879b9ebb09898b0bf63ad225dacb
c4f4521cb83536a91aaa40ee1615dc1ff9570c17db691cd6957c53819e486ee8

HTTP Headers

GET /static/images/favicon/apple-touch-icon.png HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1; _ga_48ZJD1VPGZ=GS2.1.s1747570263$o1$g0$t1747570263$j0$l0$h0; _ga=GA1.1.119171587.1747570264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: image/png
content-length: 6083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGeH1prqrwNcyXafh5bs6sXbJjqwBkAzQDjmKWy%2FaUniiDlwGbKqfXcIadJxwBKe%2BNgb0ZlpD5E0WYqACNvum8%2B3H9Xuy%2BliruJLU7IgLzppcIeDFGmMKCJ3bWsBMeavwg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 Dec 2024 13:03:48 GMT
etag: "17c3-628adc31a5500"
accept-ranges: bytes
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
age: 2817
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 941b4144bd8e56ab-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2650&min_rtt=670&rtt_var=1108&sent=394&recv=85&lost=0&retrans=0&sent_bytes=397330&recv_bytes=8827&delivery_rate=17835000&cwnd=177600&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=995&x=16"

GET movearnpre.com/ad?type=959544357405

104.21.77.17

200 OK

4.1 kB

URL GET
movearnpre.com/ad?type=959544357405
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (4127), with no line terminators
Size
4.1 kB (4127 bytes)
Hash
6374a71794fb1b28a620e89fb3453bae
ff2b29384e980be738e9e1affd60c6f0e5606cca
32f12bce51e57ec5c4f423f5f01b81e40c96c6449ec90abaff1430d82a3994bf

HTTP Headers

GET /ad?type=959544357405 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJ%2BzfBE1twTmZB9U5coUfLhbsisu9pYNcVKAerNoiq0is6nF47h%2Bk9sm1SeX5TAWdPgSYicWPpBtb%2BVAOSzfd3JE9Xx%2FCO7nPROh%2FW4dg6YMlsbaG4lyIsHQuFsluSaSAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 22 Feb 2025 04:47:09 GMT
etag: W/"101f-62eb3ccbaf1b9"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 941b413fdd2656ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2679&min_rtt=670&rtt_var=1262&sent=188&recv=76&lost=0&retrans=0&sent_bytes=159284&recv_bytes=7235&delivery_rate=1286743&cwnd=88800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=287&x=16"

GET pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/seg-1-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304

45.156.158.23

200 OK

551 kB

URL GET
pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/seg-1-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304
IP
45.156.158.23:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerSectigo Limited
Subject*.milocdn.com
FingerprintFD:55:A0:A2:C2:CC:FC:32:F1:7B:E4:E4:18:64:BA:BA:6B:CB:D8:38
ValidityThu, 21 Nov 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
551 kB (550840 bytes)
Hash
68c338881e0f9b4ea75dba5130956597
1a25fcf4fc6aa4341e3b1bec8ddc0ae045496b6e
79f5ab998256d7c378e29b57ca413f33fcf8886ecb6bef5d8435e7387be3ac42

HTTP Headers

GET /hls2/01/05043/k6d3ws5pkaem_n/seg-1-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304 HTTP/1.1
Host: pfabiwmfmeza.milocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 May 2025 12:11:04 GMT
Content-Type: video/MP2T
Content-Length: 550840
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Tue, 26 Aug 2025 12:11:04 GMT
ETag: "5f693e80-867b8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache-Status: MISS

GET layback.cc/8vnxvx2o4vu7.jpg?v=50304

172.67.191.217

200 OK

41 kB

URL GET
layback.cc/8vnxvx2o4vu7.jpg?v=50304
IP
172.67.191.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectlayback.cc
FingerprintA4:EF:6D:10:15:7E:28:E5:B2:9B:1A:79:58:4A:42:AD:42:63:B6:A8
ValidityFri, 09 May 2025 17:15:02 GMT - Thu, 07 Aug 2025 18:12:38 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 621x350, components 3
Size
41 kB (40902 bytes)
Hash
a56b0212861130b30e421e4343d9a2c9
e7d6cb77dac3d7922f9656d1bf5c4785a30c9295
b641382c8f87f807a1a3d647235d27adbcdc54daf0f0bb1920c6357b59907ee5

HTTP Headers

GET /8vnxvx2o4vu7.jpg?v=50304 HTTP/1.1
Host: layback.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: image/jpeg
content-length: 40902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DItEbsfxsjtDgUhjQuwhztZ4Z2%2F674LoAZKolkgbOBxXL3IDn%2F34QnqDxFLFWXD%2BlFG7zrUwt000AMi6qXTRPeXWD7%2FlxNOpid3jY4vRkd82ym9qYiRGiTXZyBkJ"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 08 May 2025 15:27:53 GMT
etag: "681ccd79-9fc6"
expires: Sun, 25 May 2025 12:09:38 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
accept-ranges: bytes
cf-cache-status: MISS
cf-ray: 941b41452a317128-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6006&min_rtt=3678&rtt_var=5650&sent=22&recv=26&lost=0&retrans=0&sent_bytes=4286&recv_bytes=2127&delivery_rate=2391&cwnd=12000&unsent_bytes=0&cid=b100c40ca024fe9e&ts=611&x=16"

GET movearnpre.com/static/js/app.js?

104.21.77.17

200 OK

120 B

URL GET
movearnpre.com/static/js/app.js?
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
ASCII text
Size
120 B (120 bytes)
Hash
a79f8fabfb7648a13210846a85a88cf7
6712b8182af3de12fda154bee96ff127cfc963fe
ec33448e18837c25e8bad49acb1b6d8a67f9aa49b2804bcd4c8d109ae4e96754

HTTP Headers

GET /static/js/app.js? HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXWtzNAE73rpSQE9ZjrLa1scQExz7FKlDfQzDndv7dU0nXQfGvRd%2FGXM1rPTn%2BvlCLAQ9PeKUBDkGupluPYp6d%2BBRIA3lfUPllROslFzzAdj26bbga%2BcLvHZI5QQZFLpkg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 Dec 2024 13:03:49 GMT
etag: W/"78-628adc3299740"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
age: 2817
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941b413fcd2056ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3450&min_rtt=670&rtt_var=2189&sent=66&recv=68&lost=0&retrans=0&sent_bytes=22646&recv_bytes=6856&delivery_rate=124246&cwnd=14400&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=213&x=16"

GET movearnpre.com/static/js/xupload.js?

104.21.77.17

200 OK

14 kB

URL GET
movearnpre.com/static/js/xupload.js?
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text
Size
14 kB (13457 bytes)
Hash
1be9e64c09c4be762646bfac494d5a4c
5ec4c04c97217366b17c547b4f7d1fd603a70c73
7c2338576a43210cb210a6b7af1d267b431caa95c9f451a4d9f284bad165d294

HTTP Headers

GET /static/js/xupload.js? HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUi0F9E6%2BPP0opLoHcM7zaep2dlAX%2Br2ey9%2BrAG75bXZmpdUTI5VKSrIjaqi0B67HeEASYWg5Dar5qfqiPjin65D5CK07NB6ADoHvMEDHlapT3UeAZl1s%2B%2BC14DMCCuszA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 18 Dec 2024 09:43:25 GMT
etag: W/"3491-629883ebfc2cf"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2818
cf-ray: 941b413fdd2156ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2538&min_rtt=670&rtt_var=1307&sent=183&recv=75&lost=0&retrans=0&sent_bytes=154113&recv_bytes=7186&delivery_rate=434424&cwnd=88800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=240&x=16"

GET movearnpre.com/player/jw8/jwplayer.core.controls.js?v=42

104.21.77.17

200 OK

331 kB

URL GET
movearnpre.com/player/jw8/jwplayer.core.controls.js?v=42
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
331 kB (331116 bytes)
Hash
bc91b5efc8f4bb2482c2d7d5d8d9b691
5db922c4c6caf3a7d22f57a21670281d5c31994b
f061c139ad68d7ed1360ab6a2c8842466d2913582468c48eb2d1ee2a651fb495

HTTP Headers

GET /player/jw8/jwplayer.core.controls.js?v=42 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyZENeTyehpitupy7wR0ZonZ8WPGXzDjZDqB1ZiUCEkf04L4WR%2BRa1QaaaNPesvq4pGMqbKSPr5cxQi%2BU4ggnc3N3UsZZWJvai3kUpBmklF5Plp1qF0NKgm6lrViwmh0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 24 Oct 2024 08:24:46 GMT
etag: W/"50d6c-62534bc2f2f80"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1014
cf-ray: 941b4142dd6256ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2584&min_rtt=670&rtt_var=1304&sent=316&recv=82&lost=0&retrans=0&sent_bytes=307598&recv_bytes=7996&delivery_rate=10589682&cwnd=177600&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=702&x=16"

GET movearnpre.com/dl?op=get_slides&length=2857&url=https://layback.cc/8vnxvx2o4vu70000.jpg

104.21.77.17

200 OK

9.2 kB

URL GET
movearnpre.com/dl?op=get_slides&length=2857&url=https://layback.cc/8vnxvx2o4vu70000.jpg
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
WebVTT subtitles, ASCII text
Size
9.2 kB (9228 bytes)
Hash
259ff1a69420c7ffc23dc20a1e3af537
bd8a472c3df3e0c83bb7dd9d9f5579935102da43
cc5a057dddfcb5898eff8ee5706cb0d8ee73a21536da7524a29c455ff450e99b

HTTP Headers

GET /dl?op=get_slides&length=2857&url=https://layback.cc/8vnxvx2o4vu70000.jpg HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1; _ga_48ZJD1VPGZ=GS2.1.s1747570263$o1$g0$t1747570263$j0$l0$h0; _ga=GA1.1.119171587.1747570264
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: text/vtt
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDlqgqOkY8aClAkD2DyqXo5xtI3tI5ZMCQ2HOKXpmm7QdyhjhzV44YpUIzWm530wZNunhalHik3oTnAiAj7Eokr1cDj4gc4QfxE26Acs08VMsEgjYpq89RrSpq5tjZ4sgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-ray: 941b4144dd9656ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2347&min_rtt=670&rtt_var=1140&sent=403&recv=88&lost=0&retrans=0&sent_bytes=405808&recv_bytes=9302&delivery_rate=610763&cwnd=177600&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=1133&x=16"

GET fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

142.250.74.10

200 OK

3.6 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
3.6 kB (3591 bytes)
Hash
35d825bbfa06a00722474414bc5ef193
261399984a263223d6a6d05bdc7f1f8dd4408b57
9ceebd00ce42c01cbbe9ade915ff99832c71d12bd44caf48f4c813df001ffc2b

HTTP Headers

GET /css2?family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 May 2025 12:11:03 GMT
date: Sun, 18 May 2025 12:11:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:26:17 GMT
expires: Fri, 15 May 2026 10:26:17 GMT
cache-control: public, max-age=31536000
age: 265486
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET movearnpre.com/js/jquery.cookie.js

104.21.77.17

200 OK

4.3 kB

URL GET
movearnpre.com/js/jquery.cookie.js
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
ASCII text
Size
4.3 kB (4331 bytes)
Hash
ae0c2c5d8f01f7d35bb698bb618a62f7
63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxVUEipvFZSdKJ%2BptRIqOVXU%2B9wXIrgL%2B%2Fp5SHlKULnMimP%2B%2BowVOxzGUyB4FgvirBN4up%2FtHF8wlt%2Bl8UFBo9dVdOXCt%2BJDOtb6u7WgoNpONkg6cIxPYFRiC%2BgFoFbvyg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 31 May 2011 09:53:56 GMT
etag: "4de4bab4-10eb"
expires: Sun, 25 May 2025 03:31:10 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 31192
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fdd2356ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3410&min_rtt=670&rtt_var=1722&sent=91&recv=69&lost=0&retrans=0&sent_bytes=51446&recv_bytes=6902&delivery_rate=696070&cwnd=28800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=215&x=16"

GET movearnpre.com/static/css/style.css?

104.21.77.17

200 OK

220 kB

URL GET
movearnpre.com/static/css/style.css?
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
ASCII text, with very long lines (651)
Size
220 kB (219529 bytes)
Hash
0a81de7674ebc828f1f0954f3578d174
b44fe5bdf659243107c1d439daf37b7102cef711
5e26a0f96548d80509aeb3846f2039d00407262da52b81f919ceb3ffbe0ed5c9

HTTP Headers

GET /static/css/style.css? HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KWznIq5LqYM4XJJpv%2Bx22j3NpbLopReNF5STBDMIposSK686TgT9516t5JaZQtitRHTgwuQVa0U4GkUrzNuxCpVTql8Ua8gYAYMiVK5ePCt%2Bxt7VSQuggZVDn9AzV%2Bo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 10:20:19 GMT
etag: W/"35989-629100fa5bec0"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2818
cf-ray: 941b413fcd1d56ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3702&min_rtt=670&rtt_var=2248&sent=53&recv=67&lost=0&retrans=0&sent_bytes=8246&recv_bytes=6813&delivery_rate=2255&cwnd=12000&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=212&x=16"

GET movearnpre.com/static/js/jquery-3.2.1.min.js?

104.21.77.17

200 OK

87 kB

URL GET
movearnpre.com/static/js/jquery-3.2.1.min.js?
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /static/js/jquery-3.2.1.min.js? HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTKLOFFhRX9GyODzmOo6CD6qLVSPYQb2egfnwdlT9C%2BSOaYtmW7BKxd9xQa2w%2FCBhs67lbgbI%2FL1%2FEtpwWZzUKZIm9IIBiHD1tCSFYYGF8kfmRXSMOi9uLDSRk%2FUwnQsoA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 Dec 2024 13:05:54 GMT
etag: "15283-628adca9cf080"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 2817
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fcd1e56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3450&min_rtt=670&rtt_var=2189&sent=66&recv=68&lost=0&retrans=0&sent_bytes=22646&recv_bytes=6856&delivery_rate=124246&cwnd=14400&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=213&x=16"

GET movearnpre.com/player/jw8/jwplayer.js?v=6

104.21.77.17

200 OK

148 kB

URL GET
movearnpre.com/player/jw8/jwplayer.js?v=6
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503)
Size
148 kB (148052 bytes)
Hash
581ff912c413cd78a30f5c212f42271a
79af689432d0f20cd1d951eb9436711da07decd4
c708d26c24b48c3343e8cc7879d07e8ca6f23d1cc1e5df165a9f8e24a7c5830e

HTTP Headers

GET /player/jw8/jwplayer.js?v=6 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEZ1RRhsTGfdUuY2qZoIpdnFQKbiT8u6jePOItuTFh8m240zHyW%2BgkTRtCF%2FFQTj3QTLoSQAJz%2BiZpP9uVaAVqIXikBSd3u2Zf8REGnz1XpVq%2BDFOPQRtBwQrwjOkrEDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 28 Mar 2025 05:48:51 GMT
etag: "24254-631609ffc56c0"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 5184
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fdd2456ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3118&min_rtt=670&rtt_var=1876&sent=101&recv=70&lost=0&retrans=0&sent_bytes=63446&recv_bytes=6948&delivery_rate=5210563&cwnd=34800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=215&x=16"

GET ng.hereofcineols.com/twLvtGRo8Uhel/62124

23.109.170.227

200 OK

5 B

URL GET
ng.hereofcineols.com/twLvtGRo8Uhel/62124
IP
23.109.170.227:443
ASN
#7979 SERVERS-COM

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerLet's Encrypt
Subjectng.hereofcineols.com
Fingerprint52:96:39:E1:3A:36:02:1B:BD:9B:63:C4:DC:70:F2:4F:53:04:B1:5F
ValidityMon, 24 Mar 2025 06:33:35 GMT - Sun, 22 Jun 2025 06:33:34 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /twLvtGRo8Uhel/62124 HTTP/1.1
Host: ng.hereofcineols.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 May 2025 12:11:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://movearnpre.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Mon, 19-May-2025 12:11:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Mon, 19-May-2025 12:11:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 May 2025 17:33:37 GMT
expires: Thu, 14 May 2026 17:33:37 GMT
cache-control: public, max-age=31536000
age: 326246
last-modified: Wed, 23 Apr 2025 16:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/seg-2-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304

45.156.158.23

200 OK

1.2 MB

URL GET
pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/seg-2-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304
IP
45.156.158.23:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerSectigo Limited
Subject*.milocdn.com
FingerprintFD:55:A0:A2:C2:CC:FC:32:F1:7B:E4:E4:18:64:BA:BA:6B:CB:D8:38
ValidityThu, 21 Nov 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
1.2 MB (1245688 bytes)
Hash
251c6dff2be8788631b490967e19c3c5
abbc0d59f7f84b12e66d1cc194d72ecebf896299
e2865c7bf7c2674bd9407ba9da67cc955ae180c91c6c622e54e32b0d644c4561

HTTP Headers

GET /hls2/01/05043/k6d3ws5pkaem_n/seg-2-v1-a1.ts?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304 HTTP/1.1
Host: pfabiwmfmeza.milocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 May 2025 12:11:06 GMT
Content-Type: video/MP2T
Content-Length: 1245688
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Tue, 26 Aug 2025 12:11:06 GMT
ETag: "5f693e80-1301f8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes

GET movearnpre.com/file/8vnxvx2o4vu7

104.21.77.17

200 OK

25 kB

URL User Request GET
movearnpre.com/file/8vnxvx2o4vu7
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7047), with CRLF, LF line terminators
Size
25 kB (24788 bytes)
Hash
088e171c85932e2fa722fdc723b6a7f0
0716524bf200610634c3a97a130c8981b6a3ab5c
f75f678eb0ca109ff1f0b5b28b2bbf4c77159ddb4e7643ce1356281633f60501

HTTP Headers

GET /file/8vnxvx2o4vu7 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 12:11:02 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
expires: Sat, 17 May 2025 12:11:02 GMT
x-frame-options: DENY
vary: accept-encoding
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=phf8dLjwclzrBueq%2BCaG6WI%2BFSAfnwzfSNlKiJi1vJRnv5ioA0IOjnehWFhL%2FDpsvLZ6croo2LEz1CD3x7QlmMQYqM0xzgwex%2BB18g%3D%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: lang=1; HttpOnly; Path=/; Domain=movearnpre.com
cf-ray: 941b413bfb9856b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 May 2025 20:17:34 GMT
expires: Thu, 14 May 2026 20:17:34 GMT
cache-control: public, max-age=31536000
age: 316409
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET jouwaikekaivep.net/tag.min.js

172.67.195.43

200 OK

103 kB

URL GET
jouwaikekaivep.net/tag.min.js
IP
172.67.195.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectjouwaikekaivep.net
FingerprintCE:2D:63:56:3F:BD:98:7C:95:4A:36:91:A8:1D:FB:E2:4D:BC:12:78
ValiditySat, 26 Apr 2025 02:59:42 GMT - Fri, 25 Jul 2025 03:57:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102565 bytes)
Hash
ddc19ab0a69d5eedcce14aa435f8209f
6fe055a3ccf187da759a514a89c37f37db368682
6246e5559eba7b5f91b71a1e5f976ef939079312de24883f5540e0a2a02cb89e

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: jouwaikekaivep.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: 85398e25fd6e5ce8eaaebe0edbad79d7
cache-control: public, max-age=3600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 1059
last-modified: Sun, 18 May 2025 11:53:24 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2sv4NN030PlY189Tg2vf0%2FdaLlU8pPphcZOkTfbJ1MIUN05usCvD%2F76v%2B%2FDE6WI9DXI6jaqubw8A5MHm7GGA4%2F%2B702%2BePh%2Bq6o5oOm4fOSE%3D"}]}
cf-ray: 941b41435ec656a3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET movearnpre.com/static/js/bootstrap.bundle.min.js?

104.21.77.17

200 OK

80 kB

URL GET
movearnpre.com/static/js/bootstrap.bundle.min.js?
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
80 kB (79790 bytes)
Hash
2faceb2d3db75ced808545e78fab94ed
c663baa051856b64d746629a961e23bbf0fbaf8c
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

HTTP Headers

GET /static/js/bootstrap.bundle.min.js? HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGvcv30wKwBqz1nt5tU582kB2K10n22fzh1Be54uAtXZPUKMGK0c789sjl0Md7GlwV7%2BaoAz1u2c9Iv%2B0ocUyCBCremjOfYreXLDd9oxKivXtbzroEgxc%2FEPj8ZEPssOfg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 Dec 2024 13:05:54 GMT
etag: "137ae-628adca9cf080"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 2817
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 941b413fcd1f56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2726&min_rtt=670&rtt_var=1743&sent=159&recv=72&lost=0&retrans=0&sent_bytes=128199&recv_bytes=7040&delivery_rate=24439884&cwnd=69600&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=217&x=16"

GET movearnpre.com/assets/jquery/css100.js?v=1.1

104.21.77.17

200 OK

5.5 kB

URL GET
movearnpre.com/assets/jquery/css100.js?v=1.1
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
ASCII text
Size
5.5 kB (5526 bytes)
Hash
82627f1f107041b70a5b0dc926613eb1
7820d851e12917736ca856684d3391a864e1d6cc
4673a7261358481af483796531081e567810eca4f75d3ba083f71d200869b469

HTTP Headers

GET /assets/jquery/css100.js?v=1.1 HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cySvzEEW8qGkxQ9nKM7wPrNxvgvT1WrdC5btDKIW918CNQ2BrVwvMD0ys%2F1zNVLF1lekKmQMS1oshoF6QWJhhCNhEh8zjotA76mefEpZyqUpy5BImBDrIJGTgC5uOf%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 17 May 2025 12:11:03 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 941b413fdd2956ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2563&min_rtt=670&rtt_var=1178&sent=190&recv=77&lost=0&retrans=0&sent_bytes=161642&recv_bytes=7284&delivery_rate=1096224&cwnd=88800&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=330&x=16"

GET pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/index-v1-a1.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304

45.156.158.23

200 OK

70 kB

URL GET
pfabiwmfmeza.milocdn.com/hls2/01/05043/k6d3ws5pkaem_n/index-v1-a1.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304
IP
45.156.158.23:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerSectigo Limited
Subject*.milocdn.com
FingerprintFD:55:A0:A2:C2:CC:FC:32:F1:7B:E4:E4:18:64:BA:BA:6B:CB:D8:38
ValidityThu, 21 Nov 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
70 kB (70384 bytes)
Hash
e1c18ee4667c349a636a9da758d62d61
d39f7c87d28d161f90809fa9d130c29629adf4ba
d4ae7bda0df2c2361a9988d2ae025c7906d6a6ef215b3a4ba120b4dfb0d28642

HTTP Headers

GET /hls2/01/05043/k6d3ws5pkaem_n/index-v1-a1.m3u8?t=evhjzHlvvlCgyQXnyOTo_JHx6LUYZfumDBLvz-K8ZLs&s=1747570262&e=129600&f=25226660&srv=56wXoBghBqID&i=0.4&sp=500&p1=56wXoBghBqID&p2=56wXoBghBqID&asn=50304 HTTP/1.1
Host: pfabiwmfmeza.milocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 May 2025 12:11:04 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 18 May 2025 12:11:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 26 Aug 2025 12:11:04 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Content-Encoding: gzip

POST x3os.com/5/8544079/?oo=1&js_build=iclick-v1.1136.1&dmn=jouwaikekaivep.net&tt=2&ix=0

139.45.196.64

204 No Content

0 B

URL POST
x3os.com/5/8544079/?oo=1&js_build=iclick-v1.1136.1&dmn=jouwaikekaivep.net&tt=2&ix=0
IP
139.45.196.64:443
ASN
#9002 RETN Limited

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerLet's Encrypt
Subjectx3os.com
Fingerprint50:C0:EA:5D:F8:E5:56:73:E2:8F:35:76:0A:C7:E0:08:49:F5:FD:AB
ValidityTue, 22 Apr 2025 14:19:12 GMT - Mon, 21 Jul 2025 14:19:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/8544079/?oo=1&js_build=iclick-v1.1136.1&dmn=jouwaikekaivep.net&tt=2&ix=0 HTTP/1.1
Host: x3os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2560
Origin: https://movearnpre.com
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sun, 18 May 2025 12:11:04 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://movearnpre.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET movearnpre.com/static/images/logo.svg

104.21.77.17

200 OK

5.4 kB

URL GET
movearnpre.com/static/images/logo.svg
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
SVG Scalable Vector Graphics image
Size
5.4 kB (5410 bytes)
Hash
91604e91d7e9259d6a11de1a1ba58882
d21a51acfe853ef77a7a60323403d8c2faab1b19
ba47a482ea89b05034924ef4827213d6882feeba74e6c3e3a89b4bd18e792508

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrGHpHA2sa7c29PME2TB2ipXhNaa50%2BshuxSRlPDoFI8Uo20wpivSxB%2BZ3pU9bwo8rXLZwMyUeT0p801mJD7iNuojpoVUi7kj31uydklv9C7n%2Bjk1g9A5GXQh25GXEuHpg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 03:07:33 GMT
etag: W/"1522-6290a03f40740"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
age: 6224
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941b413fdd2256ab-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3702&min_rtt=670&rtt_var=2248&sent=49&recv=67&lost=0&retrans=0&sent_bytes=5413&recv_bytes=6813&delivery_rate=2255&cwnd=12000&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=210&x=16"

GET movearnpre.com/static/images/favicon/favicon-16x16.png

104.21.77.17

200 OK

902 B

URL GET
movearnpre.com/static/images/favicon/favicon-16x16.png
IP
104.21.77.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectmovearnpre.com
FingerprintC8:8B:4B:E0:C4:64:26:FC:A6:4D:79:32:63:27:79:A4:67:31:BF:8B
ValidityTue, 13 May 2025 08:18:57 GMT - Mon, 11 Aug 2025 09:16:35 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
902 B (902 bytes)
Hash
325f8d9edff1046b975687b5930709a8
18b19e394436565e3b5f022a5a1a9cb2332f0cf0
c93366b23b09fc0617da86880f1ae3db3eed6efe867bf81bb505b8a95c3b7857

HTTP Headers

GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: movearnpre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/file/8vnxvx2o4vu7
Cookie: lang=1; _ga_48ZJD1VPGZ=GS2.1.s1747570263$o1$g0$t1747570263$j0$l0$h0; _ga=GA1.1.119171587.1747570264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:03 GMT
content-type: image/png
content-length: 902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ArwTPiWakw9uKWr1EJBKdHd94QwWFjPSqHyvuSpULFQVrxRLD06SM1uTTeMNs4qLd%2BQV2sEWwgE2eztyKENcoQIO3xXyKq30Vj6V2xov70oo70iLBT4N3dNKerqQhngkw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 16:58:13 GMT
etag: "386-629159ea61340"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 941b4144bd8f56ab-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2473&min_rtt=670&rtt_var=1184&sent=401&recv=87&lost=0&retrans=0&sent_bytes=404229&recv_bytes=9256&delivery_rate=286430&cwnd=177600&unsent_bytes=0&cid=e77c3646ada7a3bf&ts=1070&x=16"

GET layback.cc/8vnxvx2o4vu70000.jpg

172.67.191.217

200 OK

1.1 MB

URL GET
layback.cc/8vnxvx2o4vu70000.jpg
IP
172.67.191.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://movearnpre.com/file/8vnxvx2o4vu7
Certificate
IssuerGoogle Trust Services
Subjectlayback.cc
FingerprintA4:EF:6D:10:15:7E:28:E5:B2:9B:1A:79:58:4A:42:AD:42:63:B6:A8
ValidityFri, 09 May 2025 17:15:02 GMT - Thu, 07 Aug 2025 18:12:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2000x1120, components 3
Size
1.1 MB (1067135 bytes)
Hash
50468d359390e032231efe094a00d884
1c054a80fa0876b08c37c7098352122306acded6
6ff1f92bafdd5ddaa7b8fb9f1076c23e2950e538e958a2402d1dffd32627d3af

HTTP Headers

GET /8vnxvx2o4vu70000.jpg HTTP/1.1
Host: layback.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://movearnpre.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 12:11:05 GMT
content-type: image/jpeg
content-length: 1067135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgvlLk8fdFR4WfdmhoaWFtNCubJMvfJpeWKeaiMu7iKEPPoQi7Xq%2BAf1NBxrZFhCzBlQNlczx%2BoaobZPeEBTwNw4yCVEqOR%2BND14CDeTha1V21qHInmymOwvDqAv"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 08 May 2025 05:51:55 GMT
etag: "681c467b-10487f"
expires: Sun, 25 May 2025 12:09:39 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 941b414ccb697128-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4655&min_rtt=1146&rtt_var=3727&sent=60&recv=31&lost=0&retrans=0&sent_bytes=46930&recv_bytes=2587&delivery_rate=542586&cwnd=48000&unsent_bytes=0&cid=b100c40ca024fe9e&ts=1864&x=16"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML