movieclub-z1c6a0.pages.dev Open in urlscan Pro
172.66.46.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://movieclub-z1c6a0.pages.dev/
Effective URL:
https://movieclub-z1c6a0.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On January 18 via api (January 18th 2026, 12:34:28 pm UTC) from IT — Scanned from DE

Summary HTTP 10 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 172.66.46.227, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is movieclub-z1c6a0.pages.dev.
TLS certificate: Issued by WE1 on January 16th 2026. Valid for: 3 months.

This is the only time movieclub-z1c6a0.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	172.66.46.227 172.66.46.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
2	104.21.40.189 104.21.40.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.20.15.96 104.20.15.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.208.3 142.251.208.3	15169 (GOOGLE) (GOOGLE)
1	149.56.240.31 149.56.240.31	16276 (OVH OVH SAS) (OVH OVH SAS)
10	7

4 172.66.46.227 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

movieclub-z1c6a0.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

compassionatespreadinquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.21.40.189 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

analytics.cdnweb.info	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.20.15.96 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.208.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-bp-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
4	pages.dev 1 redirects movieclub-z1c6a0.pages.dev	20 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12950 s4.histats.com — Cisco Umbrella Rank: 12492	5 KB
2	cdnweb.info analytics.cdnweb.info	22 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	compassionatespreadinquire.com compassionatespreadinquire.com
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
10	6

	Domain	Requested by
4	movieclub-z1c6a0.pages.dev	1 redirects movieclub-z1c6a0.pages.dev
2	analytics.cdnweb.info	movieclub-z1c6a0.pages.dev analytics.cdnweb.info
1	s4.histats.com	s10.histats.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s10.histats.com	movieclub-z1c6a0.pages.dev
1	compassionatespreadinquire.com	movieclub-z1c6a0.pages.dev
1	fonts.googleapis.com	movieclub-z1c6a0.pages.dev
10	7

This site contains links to these domains. Also see Links.

Domain
cineb.buzz

Subject Issuer	Validity	Valid
movieclub-z1c6a0.pages.dev WE1	`2026-01-16` - `2026-04-17`	3 months	crt.sh
upload.video.google.com WE2	`2025-12-09` - `2026-03-03`	3 months	crt.sh
compassionatespreadinquire.com R13	`2025-12-28` - `2026-03-28`	3 months	crt.sh
cdnweb.info WE1	`2025-11-22` - `2026-02-20`	3 months	crt.sh
s10.histats.com WE1	`2025-12-08` - `2026-03-08`	3 months	crt.sh
*.gstatic.com WE2	`2025-12-09` - `2026-03-03`	3 months	crt.sh
histats.com R13	`2025-12-30` - `2026-03-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://movieclub-z1c6a0.pages.dev/
Frame ID: 2264DB3F97C1F14727CC2783274DD921
Requests: 9 HTTP requests in this frame

Frame: https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js
Frame ID: BA35C1B59B872997258B3C691266D9A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FairCombo

Page URL History Show full URLs

http://movieclub-z1c6a0.pages.dev/ HTTP 307
https://movieclub-z1c6a0.pages.dev/ Page URL

Detected technologies

HSTS (Security) Expand

Overall confidence: 100%
Detected patterns

^https://[\w\d\.\-]+(?:\.dev)(?:/.+||/)$

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

95 kB
Transfer

177 kB
Size

9
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://cineb.buzz/
Title: FairCombo

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/latest-updates/
Title: Latest Updates

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/government-news/
Title: Government News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/economy/
Title: Economy

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/financial-news/
Title: Financial News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/market-trends/
Title: Market Trends

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/health-news/
Title: Health News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/community-stories/
Title: Community Stories

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/real-estate/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/agriculture/
Title: Agriculture

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/rural-updates/
Title: Rural Updates

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/entrepreneurship/
Title: Entrepreneurship

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/career-news/
Title: Career News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/tv-show-news/
Title: Tv Show News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/box-office-news/
Title: Box Office News

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celebrity-deaths/
Title: Celebrity Deaths

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celebrity-podcasts/
Title: Celebrity Podcasts

Search URL Search Domain Scan URL

URL: https://cineb.buzz/amy-schneider-wife-husband-who-is-amy-schneider-s-girlfriend-genevieve-davis/20718390.html
Title: Amy Schneider Wife/Husband: Who Is Amy Schneider’s Girlfriend Genevieve Davis?

Search URL Search Domain Scan URL

URL: https://cineb.buzz/trisha-yearwood/2077672.html
Title: Trisha Yearwood

Search URL Search Domain Scan URL

URL: https://cineb.buzz/former-rhoc-stars-where-are-they-now/20712300.html
Title: Former ‘RHOC’ Stars: Where Are They Now?

Search URL Search Domain Scan URL

URL: https://cineb.buzz/keegan-bradley-age-height-wife-net-worth-ethnicity/2074371.html
Title: Keegan Bradley- Age, Height, Wife, Net Worth, Ethnicity

Search URL Search Domain Scan URL

URL: https://cineb.buzz/offset-039-s-new-album-gets-a-major-boost-in-updated-sales-numbers/2077292.html
Title: Offset's New Album Gets A Major Boost In Updated Sales Numbers

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celebrity-flashbacks/
Title: Celebrity Flashbacks

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celebrity-news-uk/
Title: Celebrity News UK

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celeb-makeup-looks/
Title: Celeb Makeup Looks

Search URL Search Domain Scan URL

URL: https://cineb.buzz/category/celebrity-health-battles/
Title: Celebrity Health Battles

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://movieclub-z1c6a0.pages.dev/ HTTP 307
https://movieclub-z1c6a0.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
movieclub-z1c6a0.pages.dev/
Redirect Chain

http://movieclub-z1c6a0.pages.dev/
https://movieclub-z1c6a0.pages.dev/

14 KB
5 KB

79ms
53ms

Document
text/html

172.66.46.227
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://movieclub-z1c6a0.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.46.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb2c072aedfa76af9c1a9bff056927cf54abc39d1c6997df13f73ad8d223b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 9bfe20731fbc9f4b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 18 Jan 2026 12:34:29 GMT
etag: W/"f19a09bb568dd60c41041798c53503d4"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZeYnqLnvqubsx3L5qpHP1jR7TBZoTpuZZawL4GCD3uE1zSxJW185gWaFdNqQ1TAhDQAOitDDZZKcbseskos8KjmJzysJXWJZxegjKQ%2FB47XoLpolltG2fiey"}]}
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://movieclub-z1c6a0.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 48ms
19ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Requested by

Host: movieclub-z1c6a0.pages.dev
URL: https://movieclub-z1c6a0.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

35a8def67917588fdcf909fd2312ddf149bcdb31d790670e662bfa0216ee5ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 18 Jan 2026 12:34:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 18 Jan 2026 12:34:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 18 Jan 2026 11:03:49 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 403
Forbidden invoke.js
compassionatespreadinquire.com/fd38ad27e6598e77efd510d728d61fd6/ 0
0 417ms
194ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Download Go to

Full URL: https://compassionatespreadinquire.com/fd38ad27e6598e77efd510d728d61fd6/invoke.js
Requested by: Host: movieclub-z1c6a0.pages.dev
URL: https://movieclub-z1c6a0.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Connection: keep-alive
access-control-allow-origin: *
Content-Length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 18 Jan 2026 12:34:29 GMT
Content-Type: application/javascript
Host: compassionatespreadinquire.com
Server: nginx/1.21.6

GET
H2 200 matomo.js Show response
analytics.cdnweb.info/ 66 KB
22 KB 59ms
13ms Script
text/javascript 104.21.40.189
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://analytics.cdnweb.info/matomo.js
Requested by: Host: movieclub-z1c6a0.pages.dev
URL: https://movieclub-z1c6a0.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.189 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbefc0fa9b6b7680a9a1c1e5a0f0cc7c8ae3c41a7b15c206a144963cb36a073d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "107ba-6342628d95fc0-gzip"
age: 4265
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fuzIaS6inoCs4D%2Fxst%2B4xEyYkH1N4jJHKivQTFokY4mQIY3LuzR181gXgS1FxmpLBQ4CgNQcpbO1OcyfW0Lmg6q5gl93Aipwr%2F7RbLC72wMaci8dSQ%3D%3D"}]}
alt-svc: h3=":443"; ma=86400
date: Sun, 18 Jan 2026 12:34:29 GMT
content-type: text/javascript
last-modified: Fri, 02 May 2025 12:19:19 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 9bfe20743dddb044-FRA
accept-ranges: bytes
content-length: 21965
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 33ms
13ms Script
text/javascript 104.20.15.96
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: movieclub-z1c6a0.pages.dev
URL: https://movieclub-z1c6a0.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.15.96 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

cache-control: max-age=28800
content-encoding: gzip
cf-cache-status: HIT
etag: "-375139978"
age: 33690
cf-ray: 9bfe20741cbffc56-FRA
accept-ranges: bytes
content-length: 4547
date: Sun, 18 Jan 2026 12:34:29 GMT
content-type: text/javascript
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v20/ 47 KB
47 KB 28ms
8ms Font
font/woff2 142.251.208.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-bp-in-f3.1e100.net

Software

sffe /

Resource Hash

3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin: https://movieclub-z1c6a0.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 516566
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 12 Jan 2027 13:05:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 13:05:03 GMT
last-modified: Tue, 09 Sep 2025 18:33:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48256
x-xss-protection: 0
server: sffe

GET
H3

200

main.js Show response
movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/ Frame BA35
Redirect Chain

https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?

20 KB
9 KB

20ms
19ms

Script
application/javascript

172.66.46.227
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://movieclub-z1c6a0.pages.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?

Requested by

Host: movieclub-z1c6a0.pages.dev
URL: https://movieclub-z1c6a0.pages.dev/

Protocol

Server

172.66.46.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258944c4c8567ab72f3903c91c9572ea6175e1e6aaab61654036e1830556192f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsigWgdGtu734jveQGQvrakL6xCEq%2F76J9lgCyw%2BGjHdcjGthKDUd%2FmiVEoa669FHx7XaQz17pU18v2moD8gx4F%2F4jDNFtyiRdywxPhcOasTLcVzMFC4prnfHCuyHq%2FqKcM6O8YqOesRtZ3jRg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 9bfe207438e39f4b-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 18 Jan 2026 12:34:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlLIZZMKfh6gKTpluRwJw2Y6L5FUPrkK%2FB5%2F7ZEz2iRRmRLg0Q3H9hK3FoZt1BiSxesJGY0eHQ6pHS9KobvrHFSBsqfdDgcgfyT65eiXY6u9Y3psup8xw767FSwNe%2FQ6O1na%2BX%2FNL35VOKmpTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9bfe207428c79f4b-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Sun, 18 Jan 2026 12:34:29 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 423ms
204ms Script
text/html 149.56.240.31
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://s4.histats.com/stats/0.php?4718751&@f16&@g1&@h1&@i1&@j1768739669150&@k0&@l1&@mFairCombo&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-86147704&@b3:1768739669&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fmovieclub-z1c6a0.pages.dev%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash: b3a4c829d621049b1356bb54660af4efb3f50b196f30d69c051263101eaaee41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

Content-Length: 51
Date: Sun, 18 Jan 2026 12:33:24 GMT
Content-Type: text/html;charset=UTF-8
Connection: close

POST
H2 204 matomo.php
analytics.cdnweb.info/ 0
290 B 281ms
280ms Ping
text/plain 104.21.40.189
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://analytics.cdnweb.info/matomo.php?action_name=FairCombo&idsite=2&rec=1&r=033873&h=13&m=34&s=29&url=https%3A%2F%2Fmovieclub-z1c6a0.pages.dev%2F&_id=d2629cefcb1456ab&_idn=1&send_image=0&_refts=0&pv_id=vctkfV&pf_net=26&pf_srv=52&pf_tfr=2&pf_dm1=85&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: analytics.cdnweb.info
URL: https://analytics.cdnweb.info/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.189 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=P9zF%2BgTBI%2FkveeRMH3L9tz2MKHQoFzE4UvgfQuEPdOZ2lKvuoXFS4AixZCuAHZoK6hrVkWgHd0CWNZTpLaMcjoijXeLZZbktZz2P%2FpGHilhc8%2FwWyQ%3D%3D"}]}
cf-ray: 9bfe20748e87b044-FRA
access-control-allow-origin: https://movieclub-z1c6a0.pages.dev
alt-svc: h3=":443"; ma=86400
date: Sun, 18 Jan 2026 12:34:29 GMT
server: cloudflare

GET
H3 200 favicon.ico
movieclub-z1c6a0.pages.dev/ 14 KB
5 KB 37ms
37ms Other
text/html 172.66.46.227
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://movieclub-z1c6a0.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.46.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb2c072aedfa76af9c1a9bff056927cf54abc39d1c6997df13f73ad8d223b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://movieclub-z1c6a0.pages.dev/

Response headers

content-encoding: br
etag: W/"f19a09bb568dd60c41041798c53503d4"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tzSRlFRcLKkNdXV%2BRTiApYD5GKKDDmi9IvOLDcgbRURikEjkwIBgetS5mmBDR7ckCvdl7OoA7RhTzhIfZBMhhwj3poC0PO7UVBpcR3wqsFVeYAfitz%2FdhKtI"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 18 Jan 2026 12:34:29 GMT
content-type: text/html; charset=utf-8
vary: accept-encoding
priority: u=1,i
cache-control: public, max-age=0, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9bfe2076eb0d9f4b-FRA
access-control-allow-origin: *
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstCfa4718751 Value: 1768739669150
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstCla4718751 Value: 1768739669150
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstCmu4718751 Value: 1768739669150
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstPn4718751 Value: 1
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstPt4718751 Value: 1
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstCnv4718751 Value: 1
movieclub-z1c6a0.pages.dev/	1970-01-21 20:04:35	Name: HstCns4718751 Value: 1
movieclub-z1c6a0.pages.dev/	1970-01-21 20:44:54	Name: _pk_id.2.eac0 Value: d2629cefcb1456ab.1768739669.
movieclub-z1c6a0.pages.dev/	1970-01-21 11:19:01	Name: _pk_ses.2.eac0 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://compassionatespreadinquire.com/fd38ad27e6598e77efd510d728d61fd6/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.cdnweb.info
compassionatespreadinquire.com
fonts.googleapis.com
fonts.gstatic.com
movieclub-z1c6a0.pages.dev
s10.histats.com
s4.histats.com
104.20.15.96
104.21.40.189
142.250.184.234
142.251.208.3
149.56.240.31
172.240.127.234
172.66.46.227
258944c4c8567ab72f3903c91c9572ea6175e1e6aaab61654036e1830556192f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62
35a8def67917588fdcf909fd2312ddf149bcdb31d790670e662bfa0216ee5ccf
4cb2c072aedfa76af9c1a9bff056927cf54abc39d1c6997df13f73ad8d223b80
b3a4c829d621049b1356bb54660af4efb3f50b196f30d69c051263101eaaee41
dbefc0fa9b6b7680a9a1c1e5a0f0cc7c8ae3c41a7b15c206a144963cb36a073d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

movieclub-z1c6a0.pages.dev Open in urlscan Pro 172.66.46.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

95 kBTransfer

177 kBSize

9 Cookies

26 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Window variables

9 Cookies

1 Console Messages

Security Headers

Indicators

movieclub-z1c6a0.pages.dev Open in urlscan Pro
172.66.46.227 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

95 kB
Transfer

177 kB
Size

9
Cookies

10 HTTP transactions
0 data transactions