urlscan.io logo urlscan.io
SecurityTrails logo

w.tranquilchallengingclick.buzz Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&plac...
Effective URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl...
Submission: On April 30 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 11 domains to perform 30 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is w.tranquilchallengingclick.buzz.
TLS certificate: Issued by GTS CA 1P5 on April 18th 2024. Valid for: 3 months.
This is the only time w.tranquilchallengingclick.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 51.68.82.147 16276 (OVH)
1 1 172.67.71.68 13335 (CLOUDFLAR...)
1 1 34.91.142.64 396982 (GOOGLE-CL...)
1 4 172.67.198.198 13335 (CLOUDFLAR...)
1 172.67.185.188 13335 (CLOUDFLAR...)
3 99.198.106.194 32475 (SINGLEHOP...)
1 11 188.114.96.3 13335 (CLOUDFLAR...)
12 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
30 6
2    51.68.82.147 (United Kingdom)

ASN16276 (OVH, FR)
www.trimbuilder.foundation
1    172.67.71.68 (United States)

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
1    34.91.142.64 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.142.91.34.bc.googleusercontent.com
harrenmedia.g2afse.com
4    172.67.198.198 (United States)

ASN13335 (CLOUDFLARENET, US)
zags.stravaganz.com
1    172.67.185.188 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
3    99.198.106.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
tuk.kutberg.com
11    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
merterpazar.com
w.tranquilchallengingclick.buzz
12    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
gauvaiho.net
jouteetu.net
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
Apex Domain
Subdomains		 Transfer
10 tranquilchallengingclick.buzz
w.tranquilchallengingclick.buzz
900 KB
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 29450
4 stravaganz.com
zags.stravaganz.com
6 KB
3 gauvaiho.net
gauvaiho.net — Cisco Umbrella Rank: 373360
16 KB
3 kutberg.com
tuk.kutberg.com
5 KB
2 trimbuilder.foundation
www.trimbuilder.foundation
832 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11881
556 B
1 merterpazar.com
merterpazar.com
2 KB
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 593564
1019 B
1 g2afse.com
harrenmedia.g2afse.com
272 B
1 aftrad-visit.com
admoustache.aftrad-visit.com
407 B
30 11
Domain Requested by
10 w.tranquilchallengingclick.buzz tuk.kutberg.com
w.tranquilchallengingclick.buzz
gauvaiho.net
9 jouteetu.net gauvaiho.net
4 zags.stravaganz.com 1 redirects zags.stravaganz.com
3 gauvaiho.net w.tranquilchallengingclick.buzz
gauvaiho.net
3 tuk.kutberg.com zags.stravaganz.com
2 www.trimbuilder.foundation 2 redirects
1 my.rtmark.net gauvaiho.net
1 merterpazar.com 1 redirects
1 cdn.addlnk.com zags.stravaganz.com
1 harrenmedia.g2afse.com 1 redirects
1 admoustache.aftrad-visit.com 1 redirects
30 11

This site contains no links.

Subject Issuer Validity Valid
stravaganz.com
GTS CA 1P5		 2024-03-11 -
2024-06-09		 3 months crt.sh
addlnk.com
GTS CA 1P5		 2024-04-03 -
2024-07-02		 3 months crt.sh
tuk.kutberg.com
R3		 2024-04-26 -
2024-07-25		 3 months crt.sh
tranquilchallengingclick.buzz
GTS CA 1P5		 2024-04-18 -
2024-07-17		 3 months crt.sh
gauvaiho.net
R3		 2024-04-19 -
2024-07-18		 3 months crt.sh
jouteetu.net
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Frame ID: 11069AE84980193386948424063F7DF8
Requests: 28 HTTP requests in this frame

Frame: https://zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 2AFB5497F1DE82956AEA85938B94C020
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ultimate action-shooter

Page URL History Show full URLs

  1. http://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website... HTTP 307
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000b... HTTP 307
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=310002... HTTP 302
    https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=2019eD3AN18Ay8GjRBfQRRcH2m2tGNddW... HTTP 302
    https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88 Page URL
  2. https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream... Page URL
  3. https://merterpazar.com/dc238e43-201c-4164-ab38-0936a977262e?2=13260&3=13260-e3179af7-95b254db&1=M73... HTTP 302
    https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOf... Page URL

Page Statistics

30
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

6
IPs

3
Countries

929 kB
Transfer

975 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 307
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000b0b46d235d24d86d1ca9de4fcff17bee0430-202404-flb*5768231-bead7*m7360491531997806612*sl_5768231-bead7*d31405fd091866d0636b696f5085785686eaa687*24033-b05f23cz*24033 HTTP 307
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=310002640818e8aa582c7740cb77e584e9f960430-202404-flb*5768231-bead7*m7360491531997806612*sl_5768231-bead7*d31405fd091866d0636b696f5085785686eaa687*24033-b05f23cz*24033 HTTP 302
    https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=2019eD3AN18Ay8GjRBfQRRcH2m2tGNddWp2f14Hb6k1XfqvAKjvPRwhtjsy5LRFmbiYVDA&sub2=1B7fmUHKE HTTP 302
    https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88 Page URL
  2. https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88 Page URL
  3. https://merterpazar.com/dc238e43-201c-4164-ab38-0936a977262e?2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201 HTTP 302
    https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 307
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000b0b46d235d24d86d1ca9de4fcff17bee0430-202404-flb*5768231-bead7*m7360491531997806612*sl_5768231-bead7*d31405fd091866d0636b696f5085785686eaa687*24033-b05f23cz*24033 HTTP 307
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1 HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=310002640818e8aa582c7740cb77e584e9f960430-202404-flb*5768231-bead7*m7360491531997806612*sl_5768231-bead7*d31405fd091866d0636b696f5085785686eaa687*24033-b05f23cz*24033 HTTP 302
  • https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=2019eD3AN18Ay8GjRBfQRRcH2m2tGNddWp2f14Hb6k1XfqvAKjvPRwhtjsy5LRFmbiYVDA&sub2=1B7fmUHKE HTTP 302
  • https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
Request Chain 2
  • https://zags.stravaganz.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
d736b127be
zags.stravaganz.com/rc/
Redirect Chain
  • http://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000b0b46d235d24d86d1ca9de4fcff17bee0430-202404-flb*5768231-bead7*m7360491531997806612*sl...
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=track1&data2=track2&tag=m7360491531997806612&website=24033-b05f23cz&placement=24033&eyeg=1
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=310002640818e8aa582c7740cb77e584e9f960430-202404-flb*5768231-bead7*m7360491531997806612*sl...
  • https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=2019eD3AN18Ay8GjRBfQRRcH2m2tGNddWp2f14Hb6k1XfqvAKjvPRwhtjsy5LRFmbiYVDA&sub2=1B7fmUHKE
  • https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7ca04a68c6a6319c289d75336e7d2d81677812e8af8d8e1f08581c6355d025

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87cad81cae8e9a33-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 22:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bH7uo5VruNK2rpbIfhcg%2Bsu6B90qMs6QXfBbtFn%2B4fHVZCShUYuucFdxdXg7gTrq0Ly7R0k3qfvHAGNKIPWlE8UHC1R6JyyDjxLSAdzlCWAhvhLUqP%2FMvHANWDueGI%2FuYeq0OzOV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Tue, 30 Apr 2024 22:07:20 GMT
location
https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: zags.stravaganz.com
URL: https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9Y5H53MPPDZ4JW1N
age
4572
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ABK4LHd5BkWX3/c/hcU2GrF0tgItpobY02ILKLlE0Gnv930KitdQQFoyEaDAwN2s6VhByUjFrDc=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxaJh3IgiCRhlgMdB6K2qbjw0U2W9WxALTO%2BRglgyuHITfy6EdyFKf6yOk4QxrbQZ2jIZ5DKgGJ1vFYnoUeRMBL%2B6536J7VYwAuuBc%2F%2B41sFLjAzATcmIFZ9ieDGR2Yb%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
87cad81e09ff2a22-CDG
main.js
zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 2AFB
Redirect Chain
  • https://zags.stravaganz.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Protocol
H3
Server
172.67.198.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 22:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByghHPH7UAlQkuAQe0hqS8XSXVG%2FW%2B66bZPsLWW9yk82eo3WXLI2S8nfdt7C2GZluE76vyl8SY5kKWJwvhRTAzMl0v82qv%2B6WvsgWiHpUfTYQx06QBBe3TXzvPhaJMQHJxyA0hkT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87cad81ea80c9a33-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Apr 2024 22:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEEHNw1kHYaY6mtLYMLjYhGrn2zrP32O4d10MzDnzAoxUAZ2cVYjSQiIcwy87CufiDeiAwvgK1yPiqwSCjzNsNaMtUS%2BX%2BxTSWekqKLd72p9RYn1ww8EAQVBXKQOvYFNHJP7c6hf"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
87cad81e6fda9a33-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
/
tuk.kutberg.com/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88
Requested by
Host: zags.stravaganz.com
URL: https://zags.stravaganz.com/rc/d736b127be?affclick=66316b987c23bd0001fa86fc&pubid=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
54fa9fe81fa579cf17e573f138f977b4b27fe30bd1d8b8f2162ec97c250bccb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 22:07:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
87cad81cae8e9a33
zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2AFB 		0
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zags.stravaganz.com/cdn-cgi/challenge-platform/h/g/jsd/r/87cad81cae8e9a33
Requested by
Host: zags.stravaganz.com
URL: https://zags.stravaganz.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Apr 2024 22:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJm1%2F0ehsuEiUvwfv1AouvDnUK6PecXf62kQnZOBdY7f8CZktxbQ6STeZDw2UvKNJsIYXNf%2BYqWwgnwe2YSbe0hPTSjZWx8hr1Wz7asM4nG7lYcwH6WQTqT1pxbNlSn6Fak%2Bmr4G"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87cad81f78ae9a33-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
tuk.kutberg.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tuk.kutberg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-full-version
"124.0.6367.78"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 01 May 2024 22:07:21 GMT
favicon.ico
tuk.kutberg.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tuk.kutberg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-full-version
"124.0.6367.78"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:21 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 01 May 2024 22:07:21 GMT
Primary Request index.html
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/
Redirect Chain
  • https://merterpazar.com/dc238e43-201c-4164-ab38-0936a977262e?2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
  • https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uw...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Requested by
Host: tuk.kutberg.com
URL: https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d14df79d4f548a50f6e4ec6dad066d7de7f162efbe8b93bd0d3f87400d54cb

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=8da3f930&cid=pub653345c367124744a5d0e9977edc00af&2=88#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
39922
alt-svc
h3=":443"; ma=86400
cache-control
max-age=604800
cf-cache-status
DYNAMIC
cf-ray
87cad82e8ecd9e9f-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 22:07:23 GMT
expires
Tue, 07 May 2024 22:07:23 GMT
last-modified
Thu, 25 Apr 2024 03:43:41 GMT
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201>; rel="canonical"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcI1snymZNc032rFDGbj4WcBlsI1J7Gbo7uYXkGBzg4HPvKgL4TnOLaDPERjWZH5PH5agGwX48G199fFcvm5T51v4QCgv3hK2ZxX26LomElPfUgxKhpOdD6Q0B9GqNj77%2F3fDggnVt0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
HIT
x-edge-location
frpa

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
87cad82e08695b4a-FRA
content-length
0
date
Tue, 30 Apr 2024 22:07:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BA3fxXrPdwLXA%2FA%2BVBBVb4cZhjmOAXCqflIc%2FkoWRj10x0I61Hhf25wXgphC8LAfauzHtZG0eiTVZ1uSXF2z65DCPnsSraecutMat0kvavtTb2TRKm0gPZFyP3j7s%2F65%2F5w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
23.556f11bb.css
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/23.556f11bb.css
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fd1a3a98c130c5181ab7dc32317a986012f1bcd370cc2a80e5abc123445da7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54274
x-edge-location
frpa
x-cache
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Apr 2024 03:43:48 GMT
server
cloudflare
etag
W/"366b-616e3984c912d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cduTvZ6F0bapoLzbngZnoo1o2dNW4Z4fwu3m50tmkxnG8AASLunDBtXDRtc9bQBsY5FT%2FhMPY0E9qxXa6SmUC%2FT3Xslbl5bU4ii2UBzQe177oyT%2BVEenJ2RUbR%2FfQtoZkTF%2FMDLmFPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
87cad82f5f319e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/23.556f11bb.css>; rel="canonical"
expires
Tue, 07 May 2024 07:02:50 GMT
23.d6acb9aa.css
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		571 B
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/23.d6acb9aa.css
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b0d479371174afccba292dcd77c0d61713af4d473f69d1dee8bbbe43e0e242

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54274
x-edge-location
frpa
x-cache
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Apr 2024 03:43:48 GMT
server
cloudflare
etag
W/"23b-616e3984ebbdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4vo07SkInlIoNwBdcRbBNg0i686f06zqZzcFbGATsIsbrbCIndiXFQlfZUB8pCMEUJ%2FKhMEYFKvDzZPjLA%2BSD1SxLJkpYFl6CKFCW30ass5%2Bmy0GhAvnX2ZOW%2BoOuYHIcPpP%2BUD5bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
87cad82f5f329e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/23.d6acb9aa.css>; rel="canonical"
expires
Tue, 07 May 2024 07:02:50 GMT
index.694a3528.css
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/index.694a3528.css
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694a35281dbffdd4c45971af827ac5faeafedabfea4e17a23f15edf6a3ea8c89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54274
x-edge-location
frpa
x-cache
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Apr 2024 03:43:59 GMT
server
cloudflare
etag
W/"26e0-616e398f2df7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNpQp6ywU3n7qmBisnwEkqvgyqb7cxhIC0kI%2BwOmJF5PFny6as8aeWz5dBcJlK%2BO8Z5OBRyWQbAQN%2BA2aDiVX4QNdlrkNorc4yz4v46JJrKxcdLLTrYV4wLGozJyXEdPc1fuwCuzWj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
87cad82f5f339e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/index.694a3528.css>; rel="canonical"
expires
Tue, 07 May 2024 07:02:50 GMT
micro.tag.min.js
gauvaiho.net/pfe/current/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 10:48:51 GMT
server
nginx
etag
W/"662a3513-9116"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
desert-fight-zombies.97745dcc_sqOe4.png
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/desert-fight-zombies.97745dcc_sqOe4.png
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f49b87cfe89373090cc8e465d4cacde2b581dcc8eca49498b51d637dfe6e0ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54273
x-edge-location
frpa
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
256432
last-modified
Thu, 25 Apr 2024 03:43:56 GMT
server
cloudflare
etag
"3e9b0-616e398c58616"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2FlfgWmbHxgKZRP8hGl4cKkE4Gqo6b4v1PVaw2GreWW4yA8f%2B3Gk4hDb8L7maHSNVSnRFmQsMawD6%2FJN1yjekHxckBYc4cMe3sSBHWOFf2o9gDVXfbohm0oLhkAmM8go56%2FpJZqcM1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
87cad82f9f4c9e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/desert-fight-zombies.97745dcc_sqOe4.png>; rel="canonical"
expires
Tue, 07 May 2024 07:02:51 GMT
desert-fight-characters.42d0c3d1_1qEPK2.png
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		439 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/desert-fight-characters.42d0c3d1_1qEPK2.png
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801cca2021535b686a2b6128767baeff6a9c40c8977a019daf38248381cea6cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54273
x-edge-location
defr
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
449128
last-modified
Thu, 25 Apr 2024 03:43:54 GMT
server
cloudflare
etag
"6da68-616e398a4c741"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfLcZdVP2T%2FqC58Ba8mp8eDheCwWeupRSFi6gwuyFaDUq3evqdarZm4JFRjSekLrFJYKFHucatoAfZT7um76KLaWor274s3a461WCFE0EJPexiT3L4VTtDhVkaJVJHkvhJZPetNKcCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
87cad82f9f4d9e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/desert-fight-characters.42d0c3d1_1qEPK2.png>; rel="canonical"
expires
Tue, 07 May 2024 07:02:51 GMT
desert-fight-bg.9f7d12ff_Z20704Q.jpg
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/desert-fight-bg.9f7d12ff_Z20704Q.jpg
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2c106aa3791c1e6e4b0af95a6c813da8c18c9524c15399f9a4dd2991c94c06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54274
x-edge-location
defr
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
186868
cf-bgj
h2pri
last-modified
Thu, 25 Apr 2024 03:43:52 GMT
server
cloudflare
etag
"2d9f4-616e39889bd5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bAmlpwd1pme%2FOd7F0hZFYggHnMfcEat2qDdmCtKkJKnknVf%2FgYcw4Wpcipm4iv3oCQv4jugpDOB865JmOXMgQL3exyxz4Qu5%2B7r%2FScLJjXRN2KwuRlDWiFhTUY8Aa0tRmH%2FaVbY99A8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
87cad82f9f4e9e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/desert-fight-bg.9f7d12ff_Z20704Q.jpg>; rel="canonical"
expires
Tue, 07 May 2024 07:02:50 GMT
WKSans-Bold.07187644.woff2
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/WKSans-Bold.07187644.woff2
Requested by
Host: w.tranquilchallengingclick.buzz
URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/23.d6acb9aa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07187644da3970443c7485c9be81fae3b04f9c5012fa51d6f6ba4342abbf0f3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/assets/23.d6acb9aa.css
Origin
https://w.tranquilchallengingclick.buzz
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54273
x-edge-location
frpa
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
12388
last-modified
Thu, 25 Apr 2024 03:44:01 GMT
server
cloudflare
etag
"3064-616e39912ee88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCRWvHhBFOAIe4OMdkjgaZqBYa6UEk0ONHMXQHR6ssEEN9xpkxhEhFVNYpJAsfn8u3T5w%2FbN%2B86FlNnCbtWcsADwg%2BjyyU2A4I%2BD7X2ecXRTgRWQhj4MByY5%2BvWGTvNQ4M2lzUutN%2Fg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
87cad82f9f4f9e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/assets/WKSans-Bold.07187644.woff2>; rel="canonical"
expires
Tue, 07 May 2024 07:02:51 GMT
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sw-check-permissions-4eee0.js
w.tranquilchallengingclick.buzz/ 		0
851 B 		Other
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/sw-check-permissions-4eee0.js?zoneId=4984707
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
531053
x-edge-location
frpa
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 May 2022 10:33:35 GMT
server
cloudflare
etag
W/"236-5de2d285fa983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce%2BpcXWG2QGWZNpl26iPwM5EfL2svgeoWo3zN5q%2Bswhhb8xPe0BonaF1zrycrp7V1n3933iFBM%2BPjGUWKdrzvM16TS9LyVIY2n9B4SlFQZDtiEtycswkYe%2BhI6UB5Ajlx6JD4ZQoKzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
87cad8304fea9e9f-CDG
link
<https://sec.movienightowl.com/sw-check-permissions-4eee0.js?zoneId=4984707>; rel="canonical"
expires
Wed, 01 May 2024 18:36:31 GMT
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
gauvaiho.net/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=w.tranquilchallengingclick.buzz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=42fabb90-117a-450b-ad2e-e5f089ca728f&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3Ljc4In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI0LjAuNjM2Ny43OCJ9LHsiYnJhbmQiOiJOb3QtQS5CcmFuZCIsInZlcnNpb24iOiI5OS4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwid293NjQiOmZhbHNlfQ==
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
90a836956d93d42088d6a2c752c6e77d
date
Tue, 30 Apr 2024 22:07:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin
https://w.tranquilchallengingclick.buzz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gid.js
my.rtmark.net/ 		65 B
556 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4984707&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0c67c90bae162aa25bba6ae208afa7ea1df557b3548a378094d901fe6941bc33
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w.tranquilchallengingclick.buzz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
gauvaiho.net/ 		830 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=w.tranquilchallengingclick.buzz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=42fabb90-117a-450b-ad2e-e5f089ca728f&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3Ljc4In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI0LjAuNjM2Ny43OCJ9LHsiYnJhbmQiOiJOb3QtQS5CcmFuZCIsInZlcnNpb24iOiI5OS4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwid293NjQiOmZhbHNlfQ==
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8e336473fdaa6c6bea84e293e6e358ae5602530cd166316c111d30d68b1eee80
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
c92d496991bdfb66409160b45242e043
date
Tue, 30 Apr 2024 22:07:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w.tranquilchallengingclick.buzz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
830
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
favicon-32x32.66e88d11.ico
w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/ 		4 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/favicon-32x32.66e88d11.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e88d1139311cdf8e39a0b8ba809f90a824eee2fb36e37c218f6b6b2e1ffba2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:07:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53115
x-edge-location
defr
x-cache
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Apr 2024 03:43:41 GMT
server
cloudflare
etag
W/"10be-616e397e19665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7DEaih1yWR0%2BofdwTu2XcsmRnK9FORZE5RYXBXNBaYkMCNfVhsrKnomVC%2BM8OH2Fe7PXi34RFxhHyeTzVkA4w05g1KyahRUDy2xGrD9XWh89Sr4ryIBDdgmE4w78Xv8hWr1%2Bkqdib0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
87cad83309649e9f-CDG
link
<https://sec.movienightowl.com/wbpage5/gaming-lefto1/favicon-32x32.66e88d11.ico>; rel="canonical"
expires
Tue, 07 May 2024 07:22:09 GMT
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gauvaiho.net
URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://w.tranquilchallengingclick.buzz/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| s function| go function| getParam object| zfgformats

5 Cookies

Domain/Path Name / Value
harrenmedia.g2afse.com/ Name: afclick
Value: 66316b987c23bd0001fa86fc
.stravaganz.com/ Name: cf_clearance
Value: iSt1QOUvQ3CihvEuBcZ9LHrfNKK0hFM0Ry5s.WRg6HM-1714514841-1.0.1.1-pnt9JOnyKa6RXF9VTfQ6YRo7AQujtytNJo9zHuM.8ZZzA4A052cQTiNS0_YEe1FkX8HLWDkU.c3DE2mLYvp8.w
.merterpazar.com/ Name: dc238e43-201c-4164-ab38-0936a977262e-v4
Value: HClw0DSISn0Hwo8hN_yYtz-XWJM3ctcq_JshfDAnvvY
.merterpazar.com/ Name: cep-v4
Value: JqxPw9QeeArQthhrxvXt_A6fKvwMrz1zeG2tQimmO1kDHGkxGeAnqSJXdHBbdOMmbq2ToW2Ht1m9RoJpDWO9LWCP7DTNWoLcyj_l39cQ1_Pi453vU0Y5RfLkCA9QnexYhMTTOXRyAdYx-6u1UT4MFDZ22xIyQx00-8EHR0aVD9aX15dkxNOYE-g5R3sE3JgSijNXvgNnRtWHGOmCyyi7ECyXVe7fHURXK3OOxv_Eb6nibvmBOZNqbQNgo21XoCYDRtSr1mZuFj8TiL-1Z3cQ9cdr8cdyO68pUMLQj4g904j9eGPKeYgWxCRXs7FrmoLG536hAtWdt04nE4TK2yDqlqIvsyqGJLES5ndJfqy_uHZ3NILkrgLB0HFKtN4eBdZCDaBNGRkLHgON3ZLtG5NV8AQGHlQ23Q5mNjSAbyIXdjUwd4ZQ79q0U2CXymkd2nTMno9_0sfrJk8tQTVSXGJHB_d-9KVlbEupp0X5ClRSPY61nUxVsm0594jAMxKOPgWV
my.rtmark.net/ Name: ID
Value: 01804e1419544b09e721fd388180e36a

1 Console Messages

Source Level URL
Text
other warning URL: https://w.tranquilchallengingclick.buzz/wbpage5/gaming-lefto1/index.html?td=merterpazar.com&cep=7cNbcDbYoW7bUoXTJUOfwzKS_JkY3skQRytlX0Bl9cNpg0dbiCJltKtMoTZ6aVUq2F1etMnkHYCfqqOyMa7j4FhW71qA_i4Fq5-uwhj7AzIHiK2F5ENBtdBgyVjOL6Dxck7jAv44XLPW3nSZquVike-q-EEsE727bes2pVuW34YNBGTHdfsEhPzUlBor8CNH4DslJ6dMkABUxgFMVNk_sTh78dW-ekwyfhH7pIDR7y-eVJ6PV271qnhT-CFbZlUoMgUJx9vitYf4Lb0r5ajRpH9typ7G3Njl__0z-nWKFuYEwqyOeFXt9OXkIMpOrhkYUEW8P_i3LgKAU8r9AQHYXRkHZn_7b5mBzUBIB-RQezFr-hdRnwjroOhfnpqxnHmg--JYyP2OszGcAhb30gavp_K7qOKOWyNgI9I_e7ypPV6Gzcc-Ykx56JFg5Z2__zvI2Ir09s4bQJ20-3O1o1RnNFaPkUMYkW-wNeBFkR6W52SRHtxJMhEl5fB01tMzM--A&lptoken=176b14c1515b66de4306&2=13260&3=13260-e3179af7-95b254db&1=M7363785170618417201#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.aftrad-visit.com
cdn.addlnk.com
gauvaiho.net
harrenmedia.g2afse.com
jouteetu.net
merterpazar.com
my.rtmark.net
tuk.kutberg.com
w.tranquilchallengingclick.buzz
www.trimbuilder.foundation
zags.stravaganz.com
139.45.195.8
139.45.197.251
172.67.185.188
172.67.198.198
172.67.71.68
188.114.96.3
34.91.142.64
51.68.82.147
99.198.106.194
00d14df79d4f548a50f6e4ec6dad066d7de7f162efbe8b93bd0d3f87400d54cb
07187644da3970443c7485c9be81fae3b04f9c5012fa51d6f6ba4342abbf0f3d
0c67c90bae162aa25bba6ae208afa7ea1df557b3548a378094d901fe6941bc33
54fa9fe81fa579cf17e573f138f977b4b27fe30bd1d8b8f2162ec97c250bccb6
66e88d1139311cdf8e39a0b8ba809f90a824eee2fb36e37c218f6b6b2e1ffba2
694a35281dbffdd4c45971af827ac5faeafedabfea4e17a23f15edf6a3ea8c89
6a2c106aa3791c1e6e4b0af95a6c813da8c18c9524c15399f9a4dd2991c94c06
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7f49b87cfe89373090cc8e465d4cacde2b581dcc8eca49498b51d637dfe6e0ac
801cca2021535b686a2b6128767baeff6a9c40c8977a019daf38248381cea6cf
83b0d479371174afccba292dcd77c0d61713af4d473f69d1dee8bbbe43e0e242
8e336473fdaa6c6bea84e293e6e358ae5602530cd166316c111d30d68b1eee80
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fd1a3a98c130c5181ab7dc32317a986012f1bcd370cc2a80e5abc123445da7
ee7ca04a68c6a6319c289d75336e7d2d81677812e8af8d8e1f08581c6355d025