urlscan.io logo urlscan.io
SecurityTrails logo

mov18plus.cloud Open in urlscan Pro
172.67.185.220  Public Scan

Go To Rescan Add Verdict Report
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Submission: On December 18 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 3 countries across 31 domains to perform 60 HTTP transactions. The main IP is 172.67.185.220, located in United States and belongs to CLOUDFLARENET, US. The main domain is mov18plus.cloud.
TLS certificate: Issued by WE1 on October 28th 2024. Valid for: 3 months.
This is the only time mov18plus.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 172.67.185.220 13335 (CLOUDFLAR...)
5 2a04:4e42:400... 54113 (FASTLY)
1 172.67.145.214 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.71.57 13335 (CLOUDFLAR...)
2 172.67.179.211 13335 (CLOUDFLAR...)
1 199.232.196.193 54113 (FASTLY)
2 2606:4700:21:... 13335 (CLOUDFLAR...)
1 172.67.8.141 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.192.94 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
1 23.212.251.9 20940 (AKAMAI-AS...)
2 3.128.213.107 16509 (AMAZON-02)
1 172.67.167.79 13335 (CLOUDFLAR...)
1 104.18.13.146 13335 (CLOUDFLAR...)
1 3.167.69.77 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.212.251.25 20940 (AKAMAI-AS...)
2 23.212.251.27 20940 (AKAMAI-AS...)
2 67.202.105.32 32748 (STEADFAST)
2 3 18.214.43.89 14618 (AMAZON-AES)
3 4 68.67.161.208 29990 (ASN-APPNEX)
1 1 15.197.193.217 16509 (AMAZON-02)
1 1 67.202.105.22 32748 (STEADFAST)
1 35.244.154.8 396982 (GOOGLE-CL...)
4 6 54.156.26.12 14618 (AMAZON-AES)
2 2 209.85.201.157 15169 (GOOGLE)
1 1 67.202.105.24 32748 (STEADFAST)
1 172.67.186.11 13335 (CLOUDFLAR...)
1 148.163.94.10 53755 (IOFLOOD)
1 142.250.31.101 15169 (GOOGLE)
60 34
9    172.67.185.220 (United States)

ASN13335 (CLOUDFLARENET, US)
mov18plus.cloud
5    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
1    172.67.145.214 (United States)

ASN13335 (CLOUDFLARENET, US)
krx18.com
3    2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
2    172.67.179.211 (United States)

ASN13335 (CLOUDFLARENET, US)
hls5-eu.zcdn.stream
1    199.232.196.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
2    2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscout.com
1    172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
3    2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:400d:c02::66 (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c09::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    74.125.192.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f94.1e100.net
www.google.ca
3    2607:f8b0:400d:c01::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscout.com
1    23.212.251.9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-9.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
2    3.128.213.107 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-213-107.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    172.67.167.79 (United States)

ASN13335 (CLOUDFLARENET, US)
p.dtsan.net
1    104.18.13.146 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
1    3.167.69.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-77.iad61.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
1    23.212.251.25 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-25.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
2    23.212.251.27 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-27.deploy.static.akamaitechnologies.com
t.sharethis.com
2    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
3    18.214.43.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-43-89.compute-1.amazonaws.com
map.go.affec.tv
4    68.67.161.208 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
1    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
6    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
2    209.85.201.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f157.1e100.net
cm.g.doubleclick.net
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
dp1.33across.com
1    172.67.186.11 (United States)

ASN13335 (CLOUDFLARENET, US)
beastx.top
1    148.163.94.10 (Phoenix, United States)

ASN53755 (IOFLOOD, US)
PTR: we.love.servers.at.ioflood.net
delivery-2667-148-10.na.plxcdn.stream
1    142.250.31.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f101.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
9 mov18plus.cloud
mov18plus.cloud
131 KB
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1141
3 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2079
316 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
4 KB
4 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 30951
t.sharethis.com — Cisco Umbrella Rank: 7050
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
2 KB
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7841
2 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19954
ic.tynt.com — Cisco Umbrella Rank: 16377
de.tynt.com — Cisco Umbrella Rank: 1582
12 KB
3 gstatic.com
www.gstatic.com
29 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 12485
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
289 KB
2 33across.com
dp2.33across.com — Cisco Umbrella Rank: 15644
dp1.33across.com — Cisco Umbrella Rank: 5746
1019 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 4260
2 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
2 zcdn.stream
hls5-eu.zcdn.stream
5 KB
1 plxcdn.stream
delivery-2667-148-10.na.plxcdn.stream
356 KB
1 beastx.top
beastx.top
727 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
439 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
603 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 13358
763 B
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
19 KB
1 dtsan.net
p.dtsan.net — Cisco Umbrella Rank: 35838
4 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
63 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 22332
250 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8961
238 B
1 waust.at
waust.at — Cisco Umbrella Rank: 48638
4 KB
1 krx18.com
krx18.com — Cisco Umbrella Rank: 715413
3 KB
0 krxd.net Failed
usermatch.krxd.net Failed
0 bluekai.com Failed
tags.bluekai.com Failed
0 exelator.com Failed
loada.exelator.com Failed
60 31
Domain Requested by
9 mov18plus.cloud 1 redirects mov18plus.cloud
6 ps.eyeota.net 4 redirects mov18plus.cloud
5 ssl.p.jwpcdn.com mov18plus.cloud
ssl.p.jwpcdn.com
4 secure.adnxs.com 3 redirects mov18plus.cloud
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 map.go.affec.tv 2 redirects mov18plus.cloud
3 www.gstatic.com ssl.p.jwpcdn.com
www.gstatic.com
3 t.dtscout.com waust.at
t.dtscout.com
3 www.googletagmanager.com mov18plus.cloud
www.googletagmanager.com
2 cm.g.doubleclick.net 2 redirects
2 t.sharethis.com pd.sharethis.com
t.sharethis.com
2 pd.sharethis.com t.dtscout.com
mov18plus.cloud
2 pxdrop.lijit.com t.dtscout.com
pxdrop.lijit.com
2 analytics.google.com www.googletagmanager.com
2 hls5-eu.zcdn.stream ssl.p.jwpcdn.com
1 delivery-2667-148-10.na.plxcdn.stream ssl.p.jwpcdn.com
1 beastx.top ssl.p.jwpcdn.com
1 dp1.33across.com 1 redirects
1 idsync.rlcdn.com mov18plus.cloud
1 dp2.33across.com 1 redirects
1 match.adsrvr.org 1 redirects
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com mov18plus.cloud
1 t.dtscdn.com t.dtscout.com
1 tags.crwdcntrl.net t.dtscout.com
1 cdn.tynt.com waust.at
1 p.dtsan.net t.dtscout.com
1 www.google.ca mov18plus.cloud
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 whos.amung.us waust.at
1 i.imgur.com mov18plus.cloud
1 waust.at mov18plus.cloud
1 krx18.com mov18plus.cloud
0 usermatch.krxd.net Failed mov18plus.cloud
0 tags.bluekai.com Failed de.tynt.com
0 loada.exelator.com Failed mov18plus.cloud
60 37

This site contains links to these domains. Also see Links.

Domain
holahupa.com
Subject Issuer Validity Valid
mov18plus.cloud
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-07-02 -
2025-08-03		 a year crt.sh
krx18.com
WE1		 2024-11-08 -
2025-02-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
waust.at
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
zcdn.stream
WE1		 2024-12-10 -
2025-03-11		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
dtscout.com
WE1		 2024-11-08 -
2025-02-06		 3 months crt.sh
amung.us
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.ca
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
cert2-prod.aut.a24365.net
R11		 2024-12-16 -
2025-03-16		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-20		 a year crt.sh
dtsan.net
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
dtscdn.com
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
cert1-prod.aut.a24365.net
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
beastx.top
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
delivery-2667-148-10.na.plxcdn.stream
R10		 2024-11-18 -
2025-02-16		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Frame ID: 033D9D8E72A527E7399099EB96FA7CDE
Requests: 56 HTTP requests in this frame

Frame: data://truncated
Frame ID: EAEC85B161EAFA05130A9E47EDF614BC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-CELP8E43D2&gacid=1570528907.1734520639&gtm=45je4cc1v877485124za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=919255834
Frame ID: 59CCF7A180EE961C07BA493F3F6753F8
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C30173452063911502B6023B64B4BE0
Frame ID: 6460399A5822E99726B78039FE469959
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Frame ID: BE30D67A67D59B0AF1A673BDA198083F
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C
Frame ID: 399BEEA8D3CD292C585887470BF8194A
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212697587961797&ret=html&random=1734520640
Frame ID: 7985D93DE66E8AB75F7F19E22997C99E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lampas.Langit.2022.1080p.Eng.Sub.mp4 - Mov18plus.Cloud

Page URL History Show full URLs

  1. https://mov18plus.cloud/v/LG3w5D4jdaf2 HTTP 301
    http://mov18plus.cloud/v/LG3w5D4jdaf2/ HTTP 307
    https://mov18plus.cloud/v/LG3w5D4jdaf2/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

85 %
HTTPS

28 %
IPv6

31
Domains

37
Subdomains

34
IPs

3
Countries

1204 kB
Transfer

3128 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mov18plus.cloud/v/LG3w5D4jdaf2 HTTP 301
    http://mov18plus.cloud/v/LG3w5D4jdaf2/ HTTP 307
    https://mov18plus.cloud/v/LG3w5D4jdaf2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C30173452063911502B6023B64B4BE0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
Request Chain 50
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1734520639882.4&r=true HTTP 302
  • https://tags.bluekai.com/site/27519?id=212697587961797&ret=html&random=1734520640
Request Chain 51
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&ts=1734520639882.1 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6762af40d139a8000150e067%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6762af40d139a8000150e067%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/3648015628340815026?ch=6762af40d139a8000150e067&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/46905884-f1e3-4350-81d0-08eb18999108?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 52
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=77f59887-962b-44e5-b87f-45ea01a8d1b2&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad
Request Chain 53
  • https://dp2.33across.com/ps/?pid=1205&rand=1734520639882.3&r=true HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212922240502964
Request Chain 54
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.5&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.5&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmZ6VFFER3Nuc08yZEN0NGg3bm8tUTJ3ZFRZSFZPNVZGUjQzQTRCbUpNc2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFkEEPcgZqk-TcUkIMSoezM&google_cver=1
Request Chain 55
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.6&pu=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&r=true HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212698064352546&seg_code=33x&random=1734520640 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698064352546%26seg_code%3D33x%26random%3D1734520640
Request Chain 56
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.7&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.7&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmZ6VFFER3Nuc08yZEN0NGg3bm8tUTJ3ZFRZSFZPNVZGUjQzQTRCbUpNc2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFRo4GagWMW0FAPWbMUuBZk&google_cver=1

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mov18plus.cloud/v/LG3w5D4jdaf2/
Redirect Chain
  • https://mov18plus.cloud/v/LG3w5D4jdaf2
  • http://mov18plus.cloud/v/LG3w5D4jdaf2/
  • https://mov18plus.cloud/v/LG3w5D4jdaf2/
29 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaea51cebbe2f4b14fd4c235e9584f107384e9bd64653932235503f203055185
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f3ebee66c2c36c1-YYZ
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 11:17:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99BT0QZJtezF638j18erZw288NnvT68vHvGuU%2Bd86iSjG%2FiT%2FgaRcJONmm453EhvFdU4hHH26gHidL%2BTy1Fw1bZwQUVXnrAxUqt9eKByukThdnnnPc3uSBtiGhC3i4Wvzxg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=25473&min_rtt=25144&rtt_var=3427&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5170&recv_bytes=4987&delivery_rate=36217&cwnd=12000&unsent_bytes=0&cid=979d8c4e47bd2765&ts=458&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://mov18plus.cloud/v/LG3w5D4jdaf2/
Non-Authoritative-Reason
HSTS
jquery-3.6.0.min.js
mov18plus.cloud/assets/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/js/jquery-3.6.0.min.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6048d779-15d9d"
age
1649625
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2nLzbaEVL4xtHzWw8Y6HL8eOrDCSJfHhaBuwKvomuvnz8K%2FWVsnyMxNZnWUJITFR26P%2Fn%2FCZfoEhwVOtqYKkUCIKUg%2B8ZLwFB5n5dGsthFa80HV5LSwvM%2BV70B2kt3237Y%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 28 Dec 2024 06:44:58 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=39&recv=31&lost=1&retrans=1&sent_bytes=26729&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=582&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
application/javascript
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d1c36c1-YYZ
access-control-allow-origin
*
server
cloudflare
devtools-detector.js
mov18plus.cloud/assets/js/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/js/devtools-detector.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e0242f674df0404ecd186afd253208c848369310010c7a2a98c21e52cf023e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"6693996a-8781"
age
2225616
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBr6xD2bvDqN%2FGm5MfQI3Nxws4lsRWih2iyiZFEcpekHyG%2BsEAeFRD%2FIyRmaGjoI%2B0ZAmpE41o22I9xOJxfn%2FYOu9QRY42IKKWGQ5DcpA4kWCsj4a7ZHpNTDrN0jRY0XYg8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 03:56:38 GMT
cf-polished
origSize=34689
x-cache
HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
application/javascript
last-modified
Sun, 14 Jul 2024 09:24:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=46&recv=31&lost=1&retrans=1&sent_bytes=35047&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=584&x=1", cfExtPri, cfHdrFlush;dur=5
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d1e36c1-YYZ
access-control-allow-origin
*
server
cloudflare
pako.min.js
mov18plus.cloud/assets/js/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/js/pako.min.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede2693a4a6a5126b9d35669062b358ecab6ae7b9b86a1cf302feb45a8514907
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"636858ed-b70b"
age
272885
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LnRAwT8Co7qePgEWw%2Fb2KDmfcUsuklFywPkBsOge7yDs2zSlu9k1OnTnXqu%2FVJ9WyCO9EH%2FYiRNW27gbbEAhId7LYBqnUYmPSMkr9Tq%2Fj59i6%2B%2FMg3jMGlClatDIa7GcKH4%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 31 Dec 2024 01:36:29 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=46&recv=31&lost=1&retrans=1&sent_bytes=35047&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=583&x=1", cfExtPri, cfHdrFlush;dur=6
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
application/javascript
last-modified
Mon, 07 Nov 2022 01:01:33 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d1f36c1-YYZ
access-control-allow-origin
*
server
cloudflare
sweetalert2.js
mov18plus.cloud/assets/js/ 		158 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/js/sweetalert2.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f5c194ebd21e077de6cda50344268096817b906e8d77746bef0530bd4385b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"673d5982-27924"
age
1586229
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cGBB%2Fwa9NnhIf1xCGqtbxAbz4PSDTr6MOXs88kf9gpqk38U3Rre%2FGV0%2F2JcJum5LsUACeRlSoGhbZf2Hv%2BOtiprbQN1%2FqrI7KoDRUEoTYp0nQc%2F2r2CF8sIPf8Zo%2FAxyRM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 29 Dec 2024 01:10:09 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=46&recv=31&lost=1&retrans=1&sent_bytes=35047&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=583&x=1", cfExtPri, cfHdrFlush;dur=6
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 03:37:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d2036c1-YYZ
access-control-allow-origin
*
server
cloudflare
sweetalert2_theme-dark.min.css
mov18plus.cloud/assets/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/css/sweetalert2_theme-dark.min.css
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed9f47f30080fa591c9b6058f7508e490c1cbd904d9a757d713d4956f81e174
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"648c1e62-5103"
age
62175
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2xeTURWelLpF083y0PQZlxg7m3zN3OE9YN1mcvNIphkEPBpJv3i4Z7FQmPWKbtg1BkXHbwwrtLDotHQdZu47H9kN0SjYEGDNtgM2uDGTCf0FkmLpfv4qvwi4G%2FHq5o9N%2B4%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 06 Jan 2025 01:49:02 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=46&recv=31&lost=1&retrans=1&sent_bytes=35047&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=584&x=1", cfExtPri, cfHdrFlush;dur=25
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
text/css
last-modified
Fri, 16 Jun 2023 08:33:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d2136c1-YYZ
access-control-allow-origin
*
server
cloudflare
playerx_v5.css
mov18plus.cloud/templates/jwplayer/assets/css/ 		1002 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/templates/jwplayer/assets/css/playerx_v5.css
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8ef5b8f183dd1dbecac3ecc8861b211bb41f1018a2de8e8d30fdbf65d04620
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"648c34f4-3ea"
age
954697
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GF%2FjGDT%2B5T7Yg4v7cw8JESYnjdxVt%2FV0ektbW%2BLqZ7xcadHJ1hsOYaH6lvoDRYYZp3XErwSftUn%2Fd0a2lBry%2FHvvR%2BEk7V3IlywC4iadxNNBhV7xZNSCENvOcngpi5zHbg0%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 06 Jan 2025 09:55:33 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=27537&min_rtt=25144&rtt_var=3188&sent=46&recv=31&lost=1&retrans=1&sent_bytes=35047&recv_bytes=7429&delivery_rate=23337&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=585&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
text/css
last-modified
Fri, 16 Jun 2023 10:09:56 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee80d2336c1-YYZ
access-control-allow-origin
*
server
cloudflare
jwplayer.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee28fb495ac5b28ae38033e36a640d41dfeb2528c5124ff0203b09b06c05a36d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
etag
"5454f51ab2c9ba10955938c3458ef45d"
age
97749
x-cache
HIT
date
Wed, 18 Dec 2024 11:17:18 GMT
last-modified
Thu, 12 Sep 2024 17:51:59 GMT
vary
Accept-Encoding
x-cache-hits
0
content-type
application/javascript
x-served-by
cache-yul1970025-YUL
cache-control
max-age=31536000, immutable
x-timer
S1734520639.950691,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
53301
server
AmazonS3
library_v4.0.js
mov18plus.cloud/assets/js/ 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mov18plus.cloud/assets/js/library_v4.0.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7cdfe66d524c203023659226c1b1e8a690fe738b78c0eabc2d5c2740221249
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"675dae95-12937"
age
327522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLrHzFTFxQrLPVP9uB6ikKQ2V9bmHmrqMmgVMvK6eVBzxitnwY%2F2yjIgB0OO8xgKUqxlYJedZW8OqFHzJTdCsqAZJqS7ljuJFu23RspY8QBGxL7znPvOYMaEAqin2yeqzGk%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 13 Jan 2025 16:18:21 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=30411&min_rtt=25032&rtt_var=6101&sent=66&recv=42&lost=1&retrans=1&sent_bytes=50249&recv_bytes=8179&delivery_rate=387928&cwnd=11760&unsent_bytes=0&cid=979d8c4e47bd2765&ts=633&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 18 Dec 2024 11:17:18 GMT
content-type
application/javascript
last-modified
Sat, 14 Dec 2024 16:13:09 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee85d4e36c1-YYZ
access-control-allow-origin
*
server
cloudflare
show-promote.js
krx18.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krx18.com/show-promote.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc7a453bd023815f608c19f6ad043849a255fec0198960def9bf4f6e50e4ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"668eec6f-2106"
age
23225
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4IMB4ILY0vkChcieltVQKx%2Bzsna00%2FNfZ4eD1qHE%2F%2FfJBjudhNSvhj3GH94Plll2U1o5MLHUagOGqaPea67Rcy1dZf0vRDCtTJhgYG2k765ja5kP8LyWx3msMA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
x-cache
HIT from Backend
server-timing
cfL4;desc="?proto=QUIC&rtt=25547&min_rtt=25534&rtt_var=9600&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4193&recv_bytes=5483&delivery_rate=116244&cwnd=12000&unsent_bytes=0&cid=b72231b044fbba83&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
last-modified
Wed, 10 Jul 2024 20:17:51 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebee9fd3eaa9a-YYZ
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/ 		310 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf14e4adce295f2bdfc0586ba23e7e37c1b2b956a3157fe8e17ec10d154a5a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 11:17:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107430
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ELDB1X547
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
345e5c4063c5b0acc8e764b3cda50b77234c1f2792e376acdbe20f9025a1fa38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 11:17:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109931
x-xss-protection
0
server
Google Tag Manager
vast.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/vast.js
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40ae1c5c67d05ba186532a247c9334abcd31b164a7b17c318ccf62e9617d5428

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
etag
"3f643a61cc07ada16997534232e0fd35"
age
81137
x-cache
HIT
date
Wed, 18 Dec 2024 11:17:19 GMT
last-modified
Thu, 12 Sep 2024 17:52:04 GMT
vary
Accept-Encoding
x-cache-hits
0
content-type
application/javascript
x-served-by
cache-yul1970025-YUL
cache-control
max-age=86400, immutable
x-timer
S1734520639.049131,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
32809
server
AmazonS3
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		322 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.core.controls.js
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efd4bdf5c117754802f889555f4396867101f917ce259303d8171371e2903589

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
etag
"96388c8374190b02b1c684940b0c267c"
age
89602
x-cache
HIT
date
Wed, 18 Dec 2024 11:17:19 GMT
last-modified
Thu, 12 Sep 2024 17:51:58 GMT
vary
Accept-Encoding
x-cache-hits
13
content-type
application/javascript
x-served-by
cache-yul1970025-YUL
cache-control
max-age=31536000, immutable
x-timer
S1734520639.049894,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
86413
server
AmazonS3
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		451 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423fb0c266f4a755fb3e2d9093f92b92a7e9bfe4c0c4a900b4342c5b9f6ea0cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
etag
"283d59c375ad57728e89bd2fd1b6af1d"
age
105490
x-cache
HIT
date
Wed, 18 Dec 2024 11:17:19 GMT
last-modified
Thu, 12 Sep 2024 17:52:00 GMT
vary
Accept-Encoding
x-cache-hits
6
content-type
application/javascript
x-served-by
cache-yul1970025-YUL
cache-control
max-age=31536000, immutable
x-timer
S1734520639.054761,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
139783
server
AmazonS3
s.js
waust.at/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/s.js
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"676078e1-2170"
age
891
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7%2Fnts9ShyxRwnRa0L8Lgw5sCVOkXbCrAUTh%2FXUWbAQ2UI96VRZevv9gCINIiTqAniVuITsbRBIAvzdjjriV710jXB%2BIDh69AR%2BZkuHQ2NJysHRKmZAwk7TZ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Dec 2024 11:02:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25331&min_rtt=25318&rtt_var=9519&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4241&recv_bytes=4225&delivery_rate=125297&cwnd=12000&unsent_bytes=0&cid=ebf3134082ce6275&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/x-javascript
last-modified
Mon, 16 Dec 2024 19:00:49 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebeeaaa0b39de-YYZ
access-control-allow-origin
*
server
cloudflare
truncated
/ Frame EAEC 		345 B
0 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb84c0c9e63dad4d5e85af2c4c5009fba72f4eabee76bdc34bfe9fc5806adfba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Type
application/pdf
truncated
/ 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=UTF-8
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.cast.js
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a3295ea5c534bc411a3594bd185754fd114eab07b5e6bdab0413f5baa73a3a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
etag
"6845ee92be171e74fa52afb108031414"
age
96826
x-cache
HIT
date
Wed, 18 Dec 2024 11:17:19 GMT
last-modified
Thu, 12 Sep 2024 17:52:00 GMT
vary
Accept-Encoding
x-cache-hits
2
content-type
application/javascript
x-served-by
cache-yul1970025-YUL
cache-control
max-age=31536000, immutable
x-timer
S1734520639.206086,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
10065
server
AmazonS3
video.m3u8
hls5-eu.zcdn.stream/5c3748491632b29b303027b2396844bf/2022-08-19/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hls5-eu.zcdn.stream/5c3748491632b29b303027b2396844bf/2022-08-19/video.m3u8?auth=d0e0bef48dfcbc9b521340e858b692ec&expires=1734535038&type=edge&asn=16276&node=qmlr2VuBNoHXlm3SBXyH8lTbqSbfbFqhfXpB-cRWzsbkFK_UNehQENOPS6_AjmkIGeZO5SH555TgrfXavoOcIX9Ee3PjUowaqnxkIIwHasi5qWl_2N86q3i-ycONRigjd2eUKtLQm0wZ8rUr-I1lnAqkTy4iM7kr_ZXbInLhhRR31gvPmS533u0vwLjr_s21rxFcc9zi-Z7wrADisav5gg7WGa8bTWJXBq_rYF9OeztYi0j5mBPHR9mBalV8F2YnsBsKaVbX9MKc6fPlAE5Uy6aV6ZoV6LA5vf098fJizD7Jve1B3_5FZJ8vMlCWmJiISwpDBOU-6OWo0I3ld3-UNA
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1994e806769e355f3834b605ffef3e7b87fd8ae5ba40c2ca41f4cee38bbb3eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

strict-transport-security
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6F5ScmCIASbgUyzQhm7l9QQMGdqFIaGHum0wjoLVj4kEl4WRuS6BO0titLPlrCUeGewl5HgrXnqLtRiqZP%2BV3Jxc4nVJ7hku5Kmd0CdIwy745OBbY9E1Q5r2YMaLp0DMyXevF3r"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3ebeebbf1f3972-YYZ
access-control-allow-origin
*
x-cache
BYPASS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/vnd.apple.mpegurl
server
cloudflare
priority
u=1,i
server-timing
cfL4;desc="?proto=QUIC&rtt=25484&min_rtt=25302&rtt_var=4352&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4784&delivery_rate=542&cwnd=12000&unsent_bytes=0&cid=45b538af205d66eb&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0
ogjh4aR.jpg
i.imgur.com/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/ogjh4aR.jpg
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1734520639.302942,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Wed, 18 Dec 2024 11:17:19 GMT
x-served-by
cache-yul1970024-YUL
x-cache-hits
0
server
cat factory 1.0
/
t.dtscout.com/i/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe4eeeacb1d9ff43fee594e3bf0393f5baed6b9501b0af8b182229f5c21cd83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0emklBMryoReobdWrz4oB8GBS9CcJYmbk7emOJhV8xsxVnSJoNkOG%2FzOf8tEdn33N%2BvH%2FFhTY7i%2Bc5LZNikbTuDAyEg6kFrS7yRcWF8PUnzqWtcz9laPj0McE9fIMqYO28DMGCGhZjO6YsE%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.26
cf-ray
8f3ebeebce94a286-YUL
expires
Wed, 18 Dec 2024 11:17:18 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=19439&min_rtt=18593&rtt_var=3950&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2296&delivery_rate=185674&cwnd=254&unsent_bytes=0&cid=21e24f773290a16a&ts=56&x=0"
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
x-s
mtl3
server
cloudflare
/
whos.amung.us/pingjs/ 		30 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=1b7cesdcef&t=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&c=s&x=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&y=&a=0&d=1.401&v=27&r=7484
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1c6e947f95158b7cea0ded28960df75d37df9f2769054cee67ef2fe1213353

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8f3ebeebc8d0ab75-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=3,i=?0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 11:17:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54569706-13&l=dataLayer&cx=c&gtm=45je4cc1v877485124za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8bb2d4e1f7bf8a1aa9fe3ec8364e20339ed11dc1100fe854c3a39ca391cf2cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 11:17:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77312
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CELP8E43D2&gtm=45je4cc1v877485124za200&_p=1734520639051&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1570528907.1734520639&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734520639&sct=1&seg=0&dl=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&dt=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1695
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CELP8E43D2&cid=1570528907.1734520639&gtm=45je4cc1v877485124za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 59CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-CELP8E43D2&gacid=1570528907.1734520639&gtm=45je4cc1v877485124za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=919255834
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mov18plus.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 11:17:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CELP8E43D2&cid=1570528907.1734520639&gtm=45je4cc1v877485124za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1712552990
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 11:17:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2ELDB1X547&gtm=45je4cc1v9134764092za200&_p=1734520639051&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1570528907.1734520639&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734520639&sct=1&seg=0&dl=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&dt=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1729
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ELDB1X547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/plain
server
Golfe2
/
t.dtscout.com/idg/ Frame 6460 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=4C30173452063911502B6023B64B4BE0
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mov18plus.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f3ebeecad0ca28d-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 11:17:19 GMT
expires
Wed, 18 Dec 2024 11:17:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VH%2B9ICPLBvlc3bEueSIhxfRQ4mXJM53s9SOqJZm08kU1vAilLJEyjeWYU0PLkVyqj7tbtjaUAtzLg2kmo%2Fp8MkzFJ4iasw8FtN9A%2B%2FRPeFBSuJr2NC34a4K2jT6g9U0uVmec80gDukN%2BQg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=18723&min_rtt=18432&rtt_var=4439&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2402&delivery_rate=208108&cwnd=254&unsent_bytes=0&cid=997f161175f37976&ts=49&x=0"
vary
accept-encoding
t.dhj
pxdrop.lijit.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=mov18plus.cloud&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
936731633f68e7bfa46daa86c910871fb673c6a15cb654d9de2dbe7268075d3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Wed, 18 Dec 2024 12:17:19 GMT
Content-Length
1395
Date
Wed, 18 Dec 2024 11:17:19 GMT
Content-Type
text/javascript
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.213.107 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-213-107.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9c579b8f13b69d00c8e158c0cda763caec552c71a8a44c68bedc38a5eba3498b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Date
Wed, 18 Dec 2024 11:17:19 GMT
Content-Type
application/javascript
Connection
keep-alive
dtsa.js
p.dtsan.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.dtsan.net/dtsa.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"670f478e-25f4"
age
919
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGBKdFB7KiaOgjL%2FtSukTKNiRPHw2qlv%2FoqQbwY1YB%2F%2FXxUMjWt5yfJoAsXLsSn0KTBkpp%2FUhMzRHrNn8SvaYqRns5q4Cyp0sO8R3e2oWNt9Y0hAA7FFvNTmXPpEsg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25515&min_rtt=25292&rtt_var=9644&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4134&recv_bytes=4275&delivery_rate=123638&cwnd=12000&unsent_bytes=0&cid=a9b87989738ee08b&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 04:56:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebeecbbc5a253-YYZ
server
cloudflare
/
t.dtscout.com/pv/ 		51 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=mov18plus.cloud&_ss=4jk2hi26uq&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=6ihs&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a35df5918a188e315c825b4f94d60e25406bd5192dc3055ee747e013620087

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txBINaGzRSPfOenzAXy4inobClLAn37Jlm%2F3FVWWtU7jZIYWY8sCrmUH2uZqXb3s6%2FA2qRDppCtML%2B57kcAjyBb2fDOTaVf4mMqO19sNPg8Tq5SvlHGqeV%2BzFpF94O30Iv%2Fif4AohfQ5130%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.148
cf-ray
8f3ebeec5f4fa286-YUL
expires
Wed, 18 Dec 2024 11:17:18 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=24304&min_rtt=18553&rtt_var=11565&sent=16&recv=18&lost=0&retrans=0&sent_bytes=8405&recv_bytes=2473&delivery_rate=477842&cwnd=257&unsent_bytes=0&cid=21e24f773290a16a&ts=150&x=0"
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
server
cloudflare
tc.js
cdn.tynt.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed18d-66a6"
age
103497
cf-ray
8f3ebeed2a5339ef-YYZ
expires
Sat, 21 Dec 2024 11:17:19 GMT
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54569706-13&l=dataLayer&cx=c&gtm=45je4cc1v877485124za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
age
4263
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 12:06:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 10:06:16 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 11:17:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
cache-control
private, max-age=0
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
12197
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/131/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/131/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ea7368bdeb874b872c57df21fdad4d93ce2219a6e32cb718ad1a8b9095773a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

content-encoding
gzip
age
85801
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 11:27:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 11:27:18 GMT
last-modified
Mon, 07 Oct 2024 15:05:07 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
14212
x-xss-protection
0
server
sffe
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-77.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2afd7a7856345176e1c9c378191ae043"
age
13142
via
1.1 aacfd1aac6058be05e19c1942d013984.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
CL9naIjUX2WQ-vM3zKURrlAfTCrqctKgLSTh9GHw1uSKhESn0ROp4g==
date
Wed, 18 Dec 2024 07:38:18 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
/
t.dtscdn.com/widget/ 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=4C30173452063911502B6023B64B4BE0&nid=0&p=2114454483&t=480&s=1600x1200x24&u=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2BKEs7pHCHA36PFyiYgqGLu1J8LEorHy%2BQKabS3AqrH%2FzpPmEYTYlWL4FFW5u%2FJwKZSarQDX6586HWR%2F6ud6zH9l4hcVFuq9chXlBDRri0ADPmxzTOHT8UPSzlvtkosLyMFgJxkZSbMCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.81
cf-ray
8f3ebeed6f7f4bcb-YUL
expires
Wed, 18 Dec 2024 11:00:22 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18856&min_rtt=18495&rtt_var=3417&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4006&recv_bytes=2321&delivery_rate=197874&cwnd=253&unsent_bytes=0&cid=eb6431c4eb3efd39&ts=65&x=0"
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript; charset=UTF-8
x-server
web16.ny1.dtscdn.com
server
cloudflare
/
loada.exelator.com/load/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C30173452063911502B6023B64B4BE0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
0
0
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=932365673&t=pageview&_s=1&dl=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&ul=en-ca&de=UTF-8&dt=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=508433648&gjid=785994766&cid=1570528907.1734520639&tid=UA-54569706-13&_gid=1413420048.1734520640&_r=1&gtm=457e4cc1z8877485124za200zb877485124&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1162920809
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mov18plus.cloud/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
480.m3u8
hls5-eu.zcdn.stream/5c3748491632b29b303027b2396844bf/2022-08-19/ 		149 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hls5-eu.zcdn.stream/5c3748491632b29b303027b2396844bf/2022-08-19/480.m3u8?token=a9b861cfacc3120e056ea6c7e1f788a7&client=6fe34c7542624cd2c865ec367608af0a&expires=1734549439&type=edge&asn=16276&node=qmlr2VuBNoHXlm3SBXyH8lTbqSbfbFqhfXpB-cRWzsbkFK_UNehQENOPS6_AjmkIGeZO5SH555TgrfXavoOcIX9Ee3PjUowaqnxkIIwHasi5qWl_2N86q3i-ycONRigjd2eUKtLQm0wZ8rUr-I1lnAqkTy4iM7kr_ZXbInLhhRR31gvPmS533u0vwLjr_s21rxFcc9zi-Z7wrADisav5gg7WGa8bTWJXBq_rYF9OeztYi0j5mBPHR9mBalV8F2YnsBsKaVbX9MKc6fPlAE5Uy6aV6ZoV6LA5vf098fJizD7Jve1B3_5FZJ8vMlCWmJiISwpDBOU-6OWo0I3ld3-UNA
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b723f6fcb2054f99c43bd9f0b24c48e308393b45f305b9b05f8575d5902660dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

strict-transport-security
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JabfB3P2JqhvMBe8gDTITrFMOMhPl10AY%2B5MceXY4gCI3J%2BzysfZChj66Xbxx3mB0ObrHAIQTrKcmEUJ0THgmRhHIkzhhgIR%2ByXlbGGzzLMs9OgLQ36q0j792306Ukd%2BPkPXNtvO"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3ebeed880a3972-YYZ
access-control-allow-origin
*
x-cache
BYPASS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/vnd.apple.mpegurl
server
cloudflare
priority
u=1,i
server-timing
cfL4;desc="?proto=QUIC&rtt=25468&min_rtt=25302&rtt_var=3296&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5392&recv_bytes=5577&delivery_rate=48644&cwnd=12000&unsent_bytes=0&cid=45b538af205d66eb&ts=464&x=1", cfExtPri, cfHdrFlush;dur=0
t_.htm
pxdrop.lijit.com/a/ Frame BE30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=mov18plus.cloud&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.25 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://mov18plus.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Wed, 18 Dec 2024 11:17:19 GMT
Expires
Wed, 25 Dec 2024 11:17:19 GMT
X-Robots-Tag
noindex, nofollow
t.dhj
t.sharethis.com/1/k/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.325718532040276&stid=ZHuABWdirz8AAAANCtc7Aw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e38192f4148884481fea7adcc0b115d8a60a0e2fb02bb4c472c5bc002d4c4fa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Wed, 18 Dec 2024 12:17:19 GMT
Content-Length
1383
Date
Wed, 18 Dec 2024 11:17:19 GMT
Content-Type
text/javascript
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&event_source=dtscout&rnd=0.325718532040276&exptid=ZHuABWdirz8AAAANCtc7Aw%3D%3D&fcmp=false
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.213.107 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-213-107.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Wed, 18 Dec 2024 11:17:19 GMT
Content-Type
image/gif
Connection
keep-alive
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!1b7cesdcef&lm=0&ts=1734520639647&dn=TC&iso=0&pu=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&t=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&chmob=0
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!1b7cesdcef&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
a0ed42ccbfcbb7f0aa30b876173daea09c4e579791df5e65e1ce8222236c322c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1445
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Wed, 18 Dec 2024 11:17:19 GMT
content-type
application/javascript
t_.htm
t.sharethis.com/a/ Frame 399B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.325718532040276&stid=ZHuABWdirz8AAAANCtc7Aw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://mov18plus.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Wed, 18 Dec 2024 11:17:20 GMT
Expires
Wed, 25 Dec 2024 11:17:20 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
27519
tags.bluekai.com/site/ Frame 7985
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1734520639882.4&r=true
  • https://tags.bluekai.com/site/27519?id=212697587961797&ret=html&random=1734520640
0
0
46905884-f1e3-4350-81d0-08eb18999108
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&ts=1734520639882.1
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6762af40d139a8000150e067%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6762af40d139a8000150e067%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/3648015628340815026?ch=6762af40d139a8000150e067&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/46905884-f1e3-4350-81d0-08eb18999108?ttd_puid=&gdpr=0&gdpr_consent=
0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/46905884-f1e3-4350-81d0-08eb18999108?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Server
18.214.43.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-43-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

date
Wed, 18 Dec 2024 11:17:20 GMT
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

location
https://map.go.affec.tv/map/ttd/46905884-f1e3-4350-81d0-08eb18999108?ttd_puid=&gdpr=0&gdpr_consent=
content-length
229
date
Wed, 18 Dec 2024 11:17:20 GMT
server
Kestrel
v2
usermatch.krxd.net/um/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=77f59887-962b-44e5-b87f-45ea01a8d1b2&ttd_puid=0a00b557-117a-4ea3-8907-3239f5eaaa43%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
0
0
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1734520639882.3&r=true
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212922240502964
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212922240502964
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 18 Dec 2024 11:17:20 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212922240502964
pragma
no-cache
referrer-policy
unsafe-url
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
0
date
Wed, 18 Dec 2024 11:17:19 GMT
server
33XP012
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.5&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.5&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmZ6VFFER3Nuc08yZEN0NGg3bm8tUTJ3ZFRZSFZPNVZGUjQzQTRCbUpNc2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFkEEPcgZqk-TcUkIMSoezM&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFkEEPcgZqk-TcUkIMSoezM&google_cver=1
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Wed, 18 Dec 2024 11:17:20 GMT
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFkEEPcgZqk-TcUkIMSoezM&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
375
date
Wed, 18 Dec 2024 11:17:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&random=1734520639882.6&pu=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&r=true
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212698064352546&seg_code=33x&random=1734520640
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698064352546%26seg_code%3D33x%26random%3D1734520640
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698064352546%26seg_code%3D33x%26random%3D1734520640
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
H2
Server
68.67.161.208 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
081b6019-92b3-4539-9ea9-b91656c3b2cc
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 18 Dec 2024 11:17:20 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698064352546%26seg_code%3D33x%26random%3D1734520640
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
167.114.209.103; 167.114.209.103; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
fdf6196d-392c-48ff-9499-2a035a5cc258
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 18 Dec 2024 11:17:20 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.7&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdirz9l9W4YA4WvAg%3D%3D&us_privacy=&33random=1734520639882.7&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmZ6VFFER3Nuc08yZEN0NGg3bm8tUTJ3ZFRZSFZPNVZGUjQzQTRCbUpNc2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFRo4GagWMW0FAPWbMUuBZk&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFRo4GagWMW0FAPWbMUuBZk&google_cver=1
Requested by
Host: mov18plus.cloud
URL: https://mov18plus.cloud/v/LG3w5D4jdaf2/
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/v/LG3w5D4jdaf2/

Response headers

Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Wed, 18 Dec 2024 11:17:20 GMT
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFRo4GagWMW0FAPWbMUuBZk&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
375
date
Wed, 18 Dec 2024 11:17:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
drm_v1.key
beastx.top/assets/ 		16 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beastx.top/assets/drm_v1.key
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abca86b5e3823bb80580865c6a796bf393c83e814bed0ed8bf414e81976c17d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cf-cache-status
DYNAMIC
etag
"62f2bbc1-10"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PITrE76pO2%2FldGNt0lOrB0DDcD5XBrnwtJC1Hru8yUDvgz82dIe3F2mEyrYM%2BIHA%2BUGEQe0bcRF5KYgkEnD4oU3%2FOlekbOv5SvDDDHvaTmnhwpI6dH%2Bu0pUIihcW"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26630&min_rtt=25855&rtt_var=4647&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4415&delivery_rate=538&cwnd=12000&unsent_bytes=0&cid=5b3bdedd918c9158&ts=259&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 11:17:20 GMT
content-type
application/octet-stream
last-modified
Tue, 09 Aug 2022 19:55:45 GMT
priority
u=1,i
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3ebef30fd1aae6-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
16
server
cloudflare
01169-000.ts
delivery-2667-148-10.na.plxcdn.stream/files/FAAEADCE/480K/2022/BAFAFCCD/08/AEGEGCEG/19/FFAFBDEA/ 		356 KB
356 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delivery-2667-148-10.na.plxcdn.stream/files/FAAEADCE/480K/2022/BAFAFCCD/08/AEGEGCEG/19/FFAFBDEA/01169-000.ts?token=E1UppLRsDX7GD-azIroM-A&expires=1734549439&asn=16276&speed=700&delivery=srv5-eu
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.163.94.10 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS
we.love.servers.at.ioflood.net
Software
nginx /
Resource Hash
82323d30185d5b21a5e142a92496561e26e1033ddb4cca1eb10addac7f43b280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
etag
"62ff3bcc-58f40"
expires
Fri, 17 Jan 2025 11:17:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
364352
date
Wed, 18 Dec 2024 11:17:20 GMT
content-type
video/mp2t
last-modified
Fri, 19 Aug 2022 07:29:16 GMT
server
nginx
66ef6274-a504-4937-bd53-b5f9b875cb32
https://mov18plus.cloud/ Frame 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CELP8E43D2&gtm=45je4cc1v877485124za200&_p=1734520639051&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1570528907.1734520639&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734520639&sct=1&seg=0&dl=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&dt=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&en=scroll&epn.percent_scrolled=90&_et=42&tfd=6740
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CELP8E43D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:24 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2ELDB1X547&gtm=45je4cc1v9134764092za200&_p=1734520639051&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1570528907.1734520639&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734520639&sct=1&seg=0&dl=https%3A%2F%2Fmov18plus.cloud%2Fv%2FLG3w5D4jdaf2%2F&dt=Lampas.Langit.2022.1080p.Eng.Sub.mp4%20-%20Mov18plus.Cloud&en=scroll&epn.percent_scrolled=90&_et=16&tfd=6746
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ELDB1X547
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mov18plus.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mov18plus.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 11:17:24 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
loada.exelator.com
URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/27519?id=212697587961797&ret=html&random=1734520640
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=tapad
Domain
mov18plus.cloud
URL
blob:https://mov18plus.cloud/66ef6274-a504-4937-bd53-b5f9b875cb32

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery object| devtoolsDetector object| devtoolsFormatters object| pako function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| webpackChunkjwplayer object| __core-js_shared__ object| core function| jwplayer function| EYYMCu8 function| xIdJ2lG object| IqT4nF object| B6P_p74 function| ay3fBV object| TvU030V function| eY0aI5 function| VYh7PbW function| hfnPCo function| o3j0VYA function| qGcBnp object| lsYJmo string| P8_u9sC number| pPNjxK function| OMQEaXM function| PD0_AA function| ooG8jz function| GWHfWEL function| Nbe4qv function| O6efRQj object| h_FUoU object| tJnLXmZ function| hUNouaL function| wSZljd function| HVKZhE function| _RXh14 function| kjZIUca function| A8Qqmg function| hFpjCLa function| sha256 function| sha224 string| popURL function| onPopUnderLoaded object| _wau function| gtag object| dataLayer object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady function| __onGCastApiAvailable object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| a object| cv object| _dtspv object| x string| x1 object| Tynt string| GoogleAnalyticsObject function| ga object| cast object| lotame_3825 number| char object| gaplugins object| gaData object| _33Across function| __uspapi function| lotameIsCompatible function| lt3825_ba function| lt3825_b function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_ma object| lt3825_na object| lt3825_p object| lt3825_Ma object| lt3825_6 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_ka function| lt3825_la function| lt3825_o function| lt3825_q function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_ra function| lt3825_oa function| lt3825_pa function| lt3825_x function| lt3825_qa function| lt3825_y function| lt3825_z function| lt3825_B function| lt3825_C function| lt3825_r function| lt3825_D function| lt3825_E function| lt3825_sa function| lt3825_ta function| lt3825_ua function| lt3825_F function| lt3825_va function| lt3825_wa function| lt3825_G function| lt3825_H function| lt3825_xa function| lt3825_I function| lt3825_J function| lt3825_K function| lt3825_ya function| lt3825_za function| lt3825_M function| lt3825_Aa function| lt3825_N function| lt3825_L function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_O function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_P function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_Ya function| lt3825_Q function| lt3825_R function| lt3825_Za function| lt3825_S function| lt3825_T function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_5a function| lt3825_2a function| lt3825_6a function| lt3825_4a function| lt3825_3a function| lt3825_Y function| lt3825_8a function| lt3825_9a function| lt3825_7a function| lt3825_$a function| lt3825__ function| lt3825_cb function| lt3825_eb function| lt3825_db function| lt3825_gb function| lt3825_bb function| lt3825_ab function| lt3825_Z function| lt3825_fb function| lt3825_2 function| lt3825_ib function| lt3825_kb function| lt3825_0 function| lt3825_jb function| lt3825_3 function| lt3825_1 function| lt3825_hb function| lt3825_lb function| lt3825_mb function| lt3825_qb function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_rb function| lt3825_tb function| lt3825_sb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_xb function| lt3825_4 function| lt3825_5 function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_Bb function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_7 function| lt3825_Kb function| lt3825_Lb function| lt3825_Jb function| lt3825_Ib function| lt3825_Nb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Qb function| lt3825_Rb function| lt3825_Sb function| lt3825_Tb function| lt3825_Ub function| lt3825_Vb function| lt3825_Xb function| lt3825__b function| lt3825_Zb function| lt3825_Wb function| lt3825_2b function| lt3825_Yb function| lt3825_0b function| lt3825_4b function| lt3825_3b function| lt3825_5b function| lt3825_1b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_8 function| lt3825_9b function| lt3825_$b function| lt3825_ac function| lt3825_bc function| lt3825_cc function| lt3825_9 function| lt3825_dc function| lt3825_ec function| lt3825_fc function| lt3825_gc function| lt3825_hc function| lt3825_ic function| lt3825_jc function| lt3825_$ function| lt3825_kc function| lt3825_nc function| lt3825_mc function| lt3825_oc function| lt3825_lc

43 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1734520639
.dtscout.com/ Name: l
Value: 4C30173452063911502B6023B64B4BE0
.mov18plus.cloud/ Name: _ga_CELP8E43D2
Value: GS1.1.1734520639.1.0.1734520639.60.0.0
.mov18plus.cloud/ Name: _ga_2ELDB1X547
Value: GS1.1.1734520639.1.0.1734520639.0.0.0
.mov18plus.cloud/ Name: __dtsu
Value: 4C30173452063911502B6023B64B4BE0
.lijit.com/ Name: lijitAcc3PC
Value: 1
.mov18plus.cloud/ Name: _ga
Value: GA1.2.1570528907.1734520639
.mov18plus.cloud/ Name: _gid
Value: GA1.2.1413420048.1734520640
.mov18plus.cloud/ Name: _gat_gtag_UA_54569706_13
Value: 1
.sharethis.com/ Name: __stid
Value: ZHuABWdirz8AAAANCtc7Aw==
.sharethis.com/ Name: __stidv
Value: 2
.dtscdn.com/ Name: uid
Value: 4C30173452063911502B6023B64B4BE0
.tynt.com/ Name: uid
Value: CoIKSmdirz9l9W4YA4WvAg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1734520639882%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1734520639882%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1734520639882%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1734520639882%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1734520639882%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1734520639882%7D%5D
.tapad.com/ Name: TapAd_TS
Value: 1734520640026
.tapad.com/ Name: TapAd_DID
Value: 0a00b557-117a-4ea3-8907-3239f5eaaa43
.go.affec.tv/ Name: ck
Value: 6762af40d139a8000150e066
.go.affec.tv/ Name: oo
Value: 1
.eyeota.net/ Name: mako_uid
Value: 193d97c9260-65640000010a45ca
.eyeota.net/ Name: SERVERID
Value: 17866~DM
.onaudience.com/ Name: cookie
Value: fd4158bbf46fea13
.onaudience.com/ Name: done_redirects161
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212922240502964%3As1%3D1734520640158%3Ats%3D1734520640158
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1734520640272
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hb6KRv.1!@wnf-Te9(>wL5L!!'>O$_v)/
.rlcdn.com/ Name: rlas3
Value: ruJB5oy0RxsaKtlh5dgEGjTzAtLbwYN9yAG4lRRVQ34=
.adnxs.com/ Name: XANDR_PANID
Value: FD0pkPEyGZiYMmlMHRgup2igB2TEe3nsR5IYWYP4hbqtumcD4jd8hMR_crd_cXfDqquwNCILr7zDKIVz5qJRyGXCsg3V0Jxa49C5RWLTqFc.
.adnxs.com/ Name: uuid2
Value: 3648015628340815026
.doubleclick.net/ Name: IDE
Value: AHWqTUmqAwDFrPqVfrk7AwtzTmK-8_yOiqOLBwzkWJ_UDdxh1MEIWmb9Y8QQYRSiu-g
.adsrvr.org/ Name: TDID
Value: 46905884-f1e3-4350-81d0-08eb18999108
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8483
.ml314.com/ Name: pi
Value: 3649206679532732449
.exelator.com/ Name: EE
Value: "c0bcf84301b2852b1d54394a6827090c"
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiKnMPSiNjPPRAFOAFaB21zc20xMTVgAg..
.rlcdn.com/ Name: pxrc
Value: CMDeirsGEgUI204QAA==
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTczNDUyMDY0MCwiaWQiOiIzNjQ4MDE1NjI4MzQwODE1MDI2IiwibHMiOjE3MzQ1MjA2NDB9LCJ0dCI6eyJkdCI6MTczNDUyMDY0MCwiaWQiOiJDb0lLU21kaXJ6OWw5VzRZQTRXdkFnPT0iLCJscyI6MTczNDUyMDY0MH0sInRkIjp7ImR0IjoxNzM0NTIwNjQwLCJpZCI6IjQ2OTA1ODg0LWYxZTMtNDM1MC04MWQwLTA4ZWIxODk5OTEwOCIsImxzIjoxNzM0NTIwNjQwfSwidiI6MH0=|1734520640|20aa02d56858f896dd864dc363f1ddcbe1931b7a
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZICk5zcLE2MAwycjC1CjJMMXUxNjSJNHMwsjcwNIgeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6ImfHxUUpaQyLSopPBZ98sw8Ac34qZQ%253D%253D"
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 77

4 Console Messages

Source Level URL
Text
security warning URL: https://mov18plus.cloud/assets/js/library_v4.0.js(Line 1)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
network error URL: https://i.imgur.com/ogjh4aR.jpg
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://usermatch.krxd.net/um/v2?partner=tapad
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
worker info URL: blob:https://mov18plus.cloud/66ef6274-a504-4937-bd53-b5f9b875cb32
Message:
[log] > Debug logs enabled for "main" in hls.js version 1.5.13

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
beastx.top
cdn.tynt.com
cm.g.doubleclick.net
de.tynt.com
delivery-2667-148-10.na.plxcdn.stream
dp1.33across.com
dp2.33across.com
hls5-eu.zcdn.stream
i.imgur.com
ic.tynt.com
idsync.rlcdn.com
krx18.com
loada.exelator.com
map.go.affec.tv
match.adsrvr.org
mov18plus.cloud
p.dtsan.net
pd.sharethis.com
ps.eyeota.net
pxdrop.lijit.com
secure.adnxs.com
ssl.p.jwpcdn.com
stats.g.doubleclick.net
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
td.doubleclick.net
usermatch.krxd.net
waust.at
whos.amung.us
www.google-analytics.com
www.google.ca
www.googletagmanager.com
www.gstatic.com
loada.exelator.com
mov18plus.cloud
tags.bluekai.com
usermatch.krxd.net
104.18.13.146
142.250.31.101
148.163.94.10
15.197.193.217
172.67.145.214
172.67.167.79
172.67.179.211
172.67.185.220
172.67.186.11
172.67.71.57
172.67.8.141
18.214.43.89
199.232.196.193
209.85.201.157
23.212.251.25
23.212.251.27
23.212.251.9
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:21::8d65:780b
2607:f8b0:4004:c1b::9c
2607:f8b0:400d:c01::71
2607:f8b0:400d:c02::66
2607:f8b0:400d:c09::61
2607:f8b0:400d:c09::9a
2607:f8b0:400d:c1d::5e
2a04:4e42:400::626
3.128.213.107
3.167.69.77
35.244.154.8
54.156.26.12
67.202.105.22
67.202.105.24
67.202.105.32
68.67.161.208
74.125.192.94
0a1c6e947f95158b7cea0ded28960df75d37df9f2769054cee67ef2fe1213353
0ed9f47f30080fa591c9b6058f7508e490c1cbd904d9a757d713d4956f81e174
0fc7a453bd023815f608c19f6ad043849a255fec0198960def9bf4f6e50e4ea5
0fe4eeeacb1d9ff43fee594e3bf0393f5baed6b9501b0af8b182229f5c21cd83
1994e806769e355f3834b605ffef3e7b87fd8ae5ba40c2ca41f4cee38bbb3eea
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2a3295ea5c534bc411a3594bd185754fd114eab07b5e6bdab0413f5baa73a3a0
2d8ef5b8f183dd1dbecac3ecc8861b211bb41f1018a2de8e8d30fdbf65d04620
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397
345e5c4063c5b0acc8e764b3cda50b77234c1f2792e376acdbe20f9025a1fa38
40ae1c5c67d05ba186532a247c9334abcd31b164a7b17c318ccf62e9617d5428
423fb0c266f4a755fb3e2d9093f92b92a7e9bfe4c0c4a900b4342c5b9f6ea0cb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5abca86b5e3823bb80580865c6a796bf393c83e814bed0ed8bf414e81976c17d
5e38192f4148884481fea7adcc0b115d8a60a0e2fb02bb4c472c5bc002d4c4fa
65f5c194ebd21e077de6cda50344268096817b906e8d77746bef0530bd4385b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
82323d30185d5b21a5e142a92496561e26e1033ddb4cca1eb10addac7f43b280
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
936731633f68e7bfa46daa86c910871fb673c6a15cb654d9de2dbe7268075d3b
9c579b8f13b69d00c8e158c0cda763caec552c71a8a44c68bedc38a5eba3498b
a0ed42ccbfcbb7f0aa30b876173daea09c4e579791df5e65e1ce8222236c322c
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92
b723f6fcb2054f99c43bd9f0b24c48e308393b45f305b9b05f8575d5902660dd
b9ea7368bdeb874b872c57df21fdad4d93ce2219a6e32cb718ad1a8b9095773a
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964
bc7cdfe66d524c203023659226c1b1e8a690fe738b78c0eabc2d5c2740221249
bf14e4adce295f2bdfc0586ba23e7e37c1b2b956a3157fe8e17ec10d154a5a1d
c0e0242f674df0404ecd186afd253208c848369310010c7a2a98c21e52cf023e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bb2d4e1f7bf8a1aa9fe3ec8364e20339ed11dc1100fe854c3a39ca391cf2cd
eaea51cebbe2f4b14fd4c235e9584f107384e9bd64653932235503f203055185
eb84c0c9e63dad4d5e85af2c4c5009fba72f4eabee76bdc34bfe9fc5806adfba
ede2693a4a6a5126b9d35669062b358ecab6ae7b9b86a1cf302feb45a8514907
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee28fb495ac5b28ae38033e36a640d41dfeb2528c5124ff0203b09b06c05a36d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd4bdf5c117754802f889555f4396867101f917ce259303d8171371e2903589
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f9a35df5918a188e315c825b4f94d60e25406bd5192dc3055ee747e013620087
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e