fustycinema.world Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/bertacanada/leroydewaltit2506.html
Effective URL:
https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.1...
Submission: On June 25 via manual (June 25th 2024, 8:32:27 pm UTC) from IT — Scanned from IT

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is fustycinema.world.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2024. Valid for: 3 months.

This is the only time fustycinema.world was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	172.217.23.123 172.217.23.123	15169 (GOOGLE) (GOOGLE)
2 2	34.78.74.19 34.78.74.19	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	104.155.58.45 104.155.58.45	15169 (GOOGLE) (GOOGLE)
1 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	172.67.142.245 172.67.142.245	() ()
28	6

2 172.217.23.123 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f123.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.78.74.19 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.74.78.34.bc.googleusercontent.com

throughfares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.155.58.45 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.58.155.104.bc.googleusercontent.com

stocktrackingsalesstacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.directthruredir3ct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fustycinema.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.142.245 (None, )

ASN- ()

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	fustycinema.world 1 redirects fustycinema.world	2 MB
2	throughfares.com 2 redirects throughfares.com	773 B
2	googleapis.com 1 redirects storage.googleapis.com — Cisco Umbrella Rank: 434	795 B
1	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 114333 event.trk-consulatu.com Failed	3 KB
1	fontawesome.com use.fontawesome.com	426 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
1	directthruredir3ct.com 1 redirects www.directthruredir3ct.com	832 B
1	stocktrackingsalesstacks.com 1 redirects stocktrackingsalesstacks.com	783 B
28	8

	Domain	Requested by
22	fustycinema.world	1 redirects fustycinema.world
2	throughfares.com	2 redirects
2	storage.googleapis.com	1 redirects
1	trk-consulatu.com	fustycinema.world
1	use.fontawesome.com	fustycinema.world
1	www.google.com
1	www.directthruredir3ct.com	1 redirects
1	stocktrackingsalesstacks.com	1 redirects
0	event.trk-consulatu.com Failed	trk-consulatu.com
28	9

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
fustycinema.world GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Frame ID: 6603B27F58BAC9EE2C6D905FAB6811BB
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Premi del sondaggio

Page URL History Show full URLs

https://storage.googleapis.com/bertacanada/leroydewaltit2506.html Page URL
https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506 HTTP 302
https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001... HTTP 302
https://stocktrackingsalesstacks.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001... HTTP 302
https://www.directthruredir3ct.com/B1Z33J/22QC77GS/?sub2=367087158&source_id=5445 HTTP 302
https://fustycinema.world/no22pHcf5T/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803... HTTP 302
http://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=... HTTP 307
https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

86 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

2678 kB
Transfer

3526 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/bertacanada/leroydewaltit2506.html Page URL
https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506 HTTP 302
https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001su7tkarg HTTP 302
https://stocktrackingsalesstacks.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001su7tkarg&ckmguid=8d6b7c9c-e719-4da8-99b8-b93fddcfd503 HTTP 302
https://www.directthruredir3ct.com/B1Z33J/22QC77GS/?sub2=367087158&source_id=5445 HTTP 302
https://fustycinema.world/no22pHcf5T/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com HTTP 302
http://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com HTTP 307
https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://storage.googleapis.com/favicon.ico HTTP 307
https://www.google.com/images/icons/product/cloud_storage-32.png

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 leroydewaltit2506.html Show response
storage.googleapis.com/bertacanada/ 114 B
590 B 94ms
94ms Document
text/html 172.217.23.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/bertacanada/leroydewaltit2506.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f123.1e100.net
Software: UploadServer /
Resource Hash: e00a929c870f7b0725e710631150852fce1d0f3c6a2f423eabf7d5fd1021eaf6

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 1177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 114
content-type: text/html
date: Tue, 25 Jun 2024 20:12:44 GMT
etag: "a08cb829e1f7b2aab61c0cfd4a840bb1"
expires: Tue, 25 Jun 2024 21:12:44 GMT
last-modified: Tue, 25 Jun 2024 16:57:07 GMT
server: UploadServer
x-goog-generation: 1719334627957993
x-goog-hash: crc32c=1DUIBA== md5=oIy4KeH3sqq2HAz9SoQLsQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 114
x-guploader-uploadid: ACJd0NrXJxtq9ygCmlO3PPgKg6UZxkEkWYWn-zjX8LrE5oEJfcHYrJ8jYEDYwuFNCPQJJ4PkFidKRdXWjg

GET
H2

200

Primary Request / Show response
fustycinema.world/
Redirect Chain

https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506
https://throughfares.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001su7tkarg
https://stocktrackingsalesstacks.com/?a=5445&oc=20565&c=55250&p=r&m=3&s1=newid2506&ch-redir=1&ckmxid=cptiil9l0001su7tkarg&ckmguid=8d6b7c9c-e719-4da8-99b8-b93fddcfd503
https://www.directthruredir3ct.com/B1Z33J/22QC77GS/?sub2=367087158&source_id=5445
https://fustycinema.world/no22pHcf5T/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
http://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

29 KB
5 KB

96ms
94ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c818417669b877a42a0f5c4cc21a18f287f5632af7ba24ff0163ca47cbfdbc9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://storage.googleapis.com/bertacanada/leroydewaltit2506.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8997ba075f053761-MXP
content-encoding: br
content-type: text/html
date: Tue, 25 Jun 2024 20:32:24 GMT
expires: Tue, 25 Jun 2024 20:32:23 GMT
last-modified: Sun, 02 Jun 2024 21:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdjwYvSxfrdaaq9WiB%2F%2FxKc%2F4ThjQlP8%2B6r%2FUrVWIPdrAFtUDqApRC1iJDcSTRRfxBgkYisF4IitZi9ptgQQUNGqGy79l0IRSPqu%2BHWLxmtXTMbvpsPtE%2BJ557pwwSJthEGyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Non-Authoritative-Reason: HSTS

GET
H2

200

cloud_storage-32.png
www.google.com/images/icons/product/
Redirect Chain

https://storage.googleapis.com/favicon.ico
https://www.google.com/images/icons/product/cloud_storage-32.png

850 B
1 KB

524ms
63ms

Other
image/png

142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/images/icons/product/cloud_storage-32.png

Protocol

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 20:32:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 850
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Jun 2024 20:32:22 GMT

Redirect headers

date: Tue, 25 Jun 2024 20:21:42 GMT
server: UploadServer
age: 639
x-guploader-uploadid: ACJd0NrtAx6Y5p94NBxSQL21Ie1Y3Y0cwo3JUJUe18Pg0ggf6gU1AbqZGcDVIWevLXhWOsg_2Hu5lyyGlA
content-type: text/html; charset=UTF-8
location: https://www.google.com/images/icons/product/cloud_storage-32.png
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 style.css
fustycinema.world/css/ 16 KB
3 KB 151ms
149ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fustycinema.world/css/style.css

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c5235b07cddb23f7916c82372e8e7c0141aa97b1ad03216f77b67871eb6844a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cde0d-3f35"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6BAvrdS2nMmlUdRPawU3699zofMg1RrRsPXv358v9WyXr27chMJIz0twReam6E2clPMWU%2BTsuo8gLly9FitnyWbvRpH3krIOVaHaRs2fAfysirBFHnNQx2nhYad7L0gv7i0CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8997ba08180e3761-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 animate.min.css
fustycinema.world/css/ 70 KB
6 KB 100ms
98ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fustycinema.world/css/animate.min.css

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cde0d-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q69ETcFEm2g%2FfeZTmBPqH%2FOg03kVQICj64BVUDSSYXppNqtwb%2BTXPRGUSrlr6LeEltKzd%2BdM5TkK%2BJHGd3Msk5Ec%2Ft26HdyOrBMVBbx1pnhg%2FUeVdnKQL1EInk5bPaUMlc3Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8997ba08180f3761-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 1054ms
248ms Script
application/javascript 172.67.142.245

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/
Origin: https://fustycinema.world
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 112838
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAvooHsJ9iXMDHJNbC%2Ft0KmhdFfD1pwqAUe8VgG7oMpjs98DjcNmHFKPnmk5tDqUSGWVXqiwbGlboYNy6FqlYsksNRsD6bGfMCle2F5Iy1YVAZPIShgW4V5ubAskT39ehHJBZIX%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8997ba0eae2cf94f-SJC
alt-svc: h3=":443"; ma=86400

GET
H2 200 datehead.js Show response
fustycinema.world/js/ 2 KB
1 KB 149ms
148ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fustycinema.world/js/datehead.js

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aedbcd877e395c160a5b93c1cf1809218cee953a1964c86c846134490d7fe7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cde0d-9a1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHmGpzIsk63chOzl6uvcoT4nQYpYC%2BGXUiDCN5BtZ7ZTYScE5P0VmORfvK%2Fzef6Z8TnFjq15bS1jyU%2Fe5%2FCxM8ly3HoT6VnA7wHBaQQbGRA494OpZS%2F3ZuK38pdc8mOmVRA89w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8997ba0818133761-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 logo111.png
fustycinema.world/images/ 18 KB
19 KB 122ms
121ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/logo111.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9ad77a662bfd6b41640a71e013b1aed157bc0f44be5463ad73f14428b49e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18829
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-498d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=895Mew0vbwQZkE%2BWc0UzXbGdqu6%2FebqKVp223eTfi45TEQeHD7v5yWmV6tt1FO1eqIvDiCONeMigkKNHLba9t50bszECAWPxPkt2t5PjkLTCocM2sz4%2FCm5Go51RhKkixcLrDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0818153761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 flaglogo.png
fustycinema.world/images/ 2 KB
3 KB 121ms
120ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/flaglogo.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625ea86dc2049e2a10146d128475c833a395ef0ccf4dbd3a9b54dc570bbc983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2261
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-8d5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9yOJMR5l6pTVPaClnfkJKb7xIHV%2FeIljQa25cwggIpu0Yhtvz0VOrCY70DXj2g9HURvhx1bkJWbdvLphtc53mbQ8dcmFPGOxbmPg%2BZgy3Ej9c3Te4Ah8kOxrglGCIBPE3Y9Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0818163761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 product.png
fustycinema.world/images/ 638 KB
639 KB 105ms
105ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/product.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f1d5b833c2bca3d6ff96e7b81d7c11f9e3ca57a042b3e694c582a5cafca0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 652845
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-9f62d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbS%2FKlX5uWuS3%2BVPdDtyJYaHiJzOuSYRxfwtOaiWeo%2BnILsFy%2BFsChpUliwud247mdr%2FLgfCrP2aZZpE4dGi1dut9%2FDMy6cqs48CnYvHrt8IC2UBf4fl04KalOuNEFfcsr3RIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba08d8f13761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 loadingBL.gif
fustycinema.world/images/ 122 KB
122 KB 199ms
199ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/loadingBL.gif

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7f067acc2b7b0ecabfa6cb28c30ccda7615ce9ff9b5ebdc5586023b6ffc50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124659
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
server: cloudflare
etag: "665cde0d-1e6f3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34kvnrwNu2APfokEup4tgQJRNdjDofwG3TBKawJkAJiqgCr6Hs15Ma9FPCFo%2BRcuBOZ6VusoRt6Ft7oHk4%2BwC0VrgzmiX4U5wsU5s%2BaQisQJqc2sCyEwyMzmdKohF2Y0CeJhxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0909263761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 prize1.png
fustycinema.world/images/ 637 KB
638 KB 193ms
190ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/prize1.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d39ce001acdaf38d616426bdf204532d35e047b19ac0eeea37465abec34123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 652351
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-9f43f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kI40Yiw10nxdNDcWW0fNOnZ4c7cqvlMNx7f9xrlbtULLR3CbXC%2ByfhbqSh4jBHmjQaIc5idEF4mhDkkAKrMutWkKZGVKOjoYPxncPDfSjJ1EqURXmzccF1Rcbnahgy3VzRbPxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0929403761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 1.jpg
fustycinema.world/images/ 42 KB
43 KB 191ms
189ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/1.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2378cc3d0cb20164bb398f84dfaa239aacc8426268e451312ece610ef25355b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43237
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-a8e5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lgg7GAqVq6GA%2FEETjSBe92jySVdCz4s5z7bI0aG1aMRVajZfU%2F3NFEYms3PhrGgjhQ5i1fn9konf494%2BPbnhX%2FabNfQKMmtGglKGKVrNDpY4OQkYSFqY77jkNQTpuObl%2BmXJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0929453761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 2.jpg
fustycinema.world/images/ 40 KB
41 KB 191ms
190ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/2.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1d0f0b3fb3e2472b3010c9b6d57e9450c2d5f4a097cb129cfd3256b69ff19f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 41269
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-a135"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XKtzC5VwBJtOyHN5FnMaiq1w2nrHrp7Uytr6FPfWjuFsP4QlWYSL0fvM0Sspx683zz1vB32im0dihtCYuHnTFB4WN0osL3u7rpCfxZAn6%2FgU3n3YwPqaYC1e%2FOWd9VlLcPu1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0929463761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 comm_pic_1.jpg
fustycinema.world/images/ 127 KB
127 KB 421ms
419ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/comm_pic_1.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07aa6743e1e91a1e8061bea712f4304796b324cb956a8307ef07539af9dcc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 129819
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-1fb1b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wyadnGltWdsaQ05fb4Dok8DWVrf5qBZPQtWDjB2TzZ69RnbXJCvzMVyN1Pm%2Bou5gvZI9xSB8dy3AQShg3saH2Ji%2FTYotaB69HhgvITkgoz6o%2BBtMBrFlGoQOpMbLvTlGHbw8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0949773761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 3.jpg
fustycinema.world/images/ 39 KB
39 KB 268ms
267ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/3.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79773e578e658480392c920253f0c6befaa904d9c566c8a974afa18b1a7e910f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39631
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-9acf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjzPxobx%2FeibiSYDXRKRuvIZoGrhEfOXcTxuaw0DM8H49qxxqikkAibEbATgxd%2BPh%2BvHhAp4YsFlVT2NIx0hmR3JLYtuB2qKwtl8qE4K%2FnL94wDL7EStlpbLsYowswfrwWS6Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba09497b3761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 4.jpg
fustycinema.world/images/ 34 KB
34 KB 489ms
487ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/4.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7762632691a474650c1cf2d66d74fe67685eb44d68c98b03e39a06aecd874c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34392
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-8658"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frEzJlClV82eEusIUtI%2Bzq4di%2BylaJ5xODFeU8KH1DA9F43Ip2M0zBH05eOMI9yeC2mzsTQU%2FfaBqrO%2FGYG46eSdXjyKM9gi7gtODKh6Wd7DUVmSXbA0RJzxnRBtAGbXDppaDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba09497d3761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 comm_pic_2.jpg
fustycinema.world/images/ 138 KB
139 KB 417ms
415ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/comm_pic_2.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb4a1f4f62ef227c42c8a379c8e3fec9a3246554b5417647c7763cc15c869b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 141375
last-modified: Sun, 02 Jun 2024 21:03:11 GMT
server: cloudflare
etag: "665cde0f-2283f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DB896xiqiK16%2BzSkpzNspSU8Jj7CDg9L5LbWUBuXfra7ufZEWk0HxytyjRJVd3UjZEJfkQlse3AuAuAs3ajOD0URfqzZrZNV7CFDlm6R4%2BhUBxHcIi5raZxh5PcL0g%2FccGcXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba09497e3761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 5.jpg
fustycinema.world/images/ 39 KB
39 KB 421ms
420ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/5.jpg

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d16e33a5999f3cd7e3d8c046f1225fa254951d50163e16faca065a1c15311c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39576
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
server: cloudflare
etag: "665cde0d-9a98"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhjsauO4G%2BGKm%2F6vAYWgmZgmTnUgCEkst8LmQO5gZh7b3Q2gL0EJowjK0EGYXEynM%2FIg7qYWxIMc4glQYabymyUt2V6hs4ZTDShK5D5mJ%2B%2FHlUC29CcGQLMT%2FrKb%2BKWyITzcjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba09497f3761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 f_guarantee.png
fustycinema.world/images/ 6 KB
7 KB 417ms
416ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/f_guarantee.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
server: cloudflare
etag: "665cde0d-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSD9ZTuN9KMB5L7CmI34LypBxF7OgJ5s07TE5JRwYp2u24VpXLb%2FHaBPlzUeZVpfSgEvJpVy5qZOrfQGfuIxxVqsYXAvJm4YWgZM%2B00LJiO58w3ac3r75k35jVRBczl9Z7uY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0949813761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 f_secure_1.png
fustycinema.world/images/ 10 KB
10 KB 421ms
420ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/f_secure_1.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Sun, 02 Jun 2024 21:03:10 GMT
server: cloudflare
etag: "665cde0e-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fm2S8QaQE56WZ4%2FAcvYmVsM5be%2F9nvZsfupLMd4lNfkqOm0jdUGM%2BYCaNxkxN93DJ%2B58Wi5noT8lL9KQGWsqsVhJwCu8ZKuEb%2FyVFyCHVy6eIj0Ae4iAe4zhWnraOwCSrjjpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0949823761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 logo222.png
fustycinema.world/images/ 19 KB
20 KB 417ms
416ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/logo222.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eba82f5214269dce3ca23dea6befc2c4576377c98129909e5901e56176bfd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19746
last-modified: Sun, 02 Jun 2024 21:03:11 GMT
server: cloudflare
etag: "665cde0f-4d22"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tboid6%2B9n8R9yaSKWa5xOmnHMZ7cHWfXboJ6y5hZO58YUON6c4ZUWAncSxw4bCXAQFzw7jj9rx6IW7BbwiiwnrbR2u%2FJ0%2FKwtZQ%2BKO%2BV2SrAnHUWyelJt9VCBEfeuXs1EPZ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0949833761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 script.js Show response
fustycinema.world/js/ 10 KB
2 KB 190ms
188ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fustycinema.world/js/script.js

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf1fbb14c0d93cda6c07c7c34bf248ba1c6dccaef52b1c1833fc54ca6c673d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 21:03:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cde0d-282a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5%2BA6s3QWpMbr4%2BFbsu9agmorDO4hcd%2FeKZn8Yax%2B9223ISwtbNeCNopmtqd%2Fwww%2FhXabemwrSvETDLa3bb76cJaKeKR62R2U0LBsMlvdMcW%2FrEUk%2BER3%2FyjmeXshHWgKinj6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8997ba0929433761-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 bg.png
fustycinema.world/images/ 310 KB
311 KB 420ms
420ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fustycinema.world/images/bg.png

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d38b978934f045c5dbda2cda25cd3c2b6a24d193f5b97fac690d5a9b3bb3bf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/css/style.css
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 317791
last-modified: Sun, 02 Jun 2024 21:03:11 GMT
server: cloudflare
etag: "665cde0f-4d95f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T597sHjSFtp1vC3c4ZVLi23c1FFa5XX8zPt5hEQ8wT4r26s5DN8EzJmQ9DjK0WftVsgp86TeNAaMlqSna120zoxK104PJLRG4SuY0f6%2BOmobVJ0savEiHr8QdtYeC1VOka8IrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8997ba0949843761-MXP
expires: Tue, 25 Jun 2024 20:32:23 GMT

GET
H2 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 614ms
107ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=fustycinema.world

Requested by

Host: fustycinema.world
URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7301e79f5631e426ec1433407b1d37323b720caf0eeed69d8d988f44717fd4d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fustycinema.world/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
alt-svc: h3=":443"; ma=86400
content-length: 2520
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Jun 2024 18:59:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgrkEjO1rjA3s21QujDX%2B%2B0C5fGKzwqDOFhlk7DndfXWieSvgBoBT15IiNGjFBMEkxEFitSfKBHepWhJlgZ%2BVYeB7%2FLl0XsUcB9tyXnmJObRiq8dijuDj%2Bumv8kt12khuPw1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 8997ba0dce7a0e15-MXP
expires: 0

POST lmdzkwmwdk
event.trk-consulatu.com/register/event_log/ 0
0

OPTIONS lmdzkwmwdk
event.trk-consulatu.com/register/event_log/ 0
0

GET favicon.ico
fustycinema.world/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzkwmwdk

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzkwmwdk

Domain: fustycinema.world
URL: https://fustycinema.world/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stocktrackingsalesstacks.com/	1969-12-31 23:59:59	Name: st Value: i99G3e/j9fwUbGHDtKGOMBmNArzTgqwRENY5wJlvb6m3q8fLhZyW4A==
.stocktrackingsalesstacks.com/	1970-01-21 07:11:47	Name: tym Value: b1I246zL3YaklMylUbDkpxmNArzTgqwRENY5wJlvb6m3q8fLhZyW4A==
.stocktrackingsalesstacks.com/	1970-01-20 22:18:59	Name: c20513 Value: i99G3e/j9fxoq2zE/N7bFov+c8IIpmEq8EMMsHAqRR7I9IeOX7A6/A==
www.directthruredir3ct.com/	1970-01-20 21:37:13	Name: uniqueClick_22QC77GS Value: ae297f53-a1fd-4b2a-a495-873403d92223:1719347543
www.directthruredir3ct.com/	1970-01-20 23:45:23	Name: transaction_id Value: 652bd3f2044f459bb232fe39c24db127
fustycinema.world/	1969-12-31 23:59:59	Name: SESSIONIDS Value: no22pHcf5T

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://fustycinema.world/?encoded_value=5XQHC8&sub1=&sub2=367087158&sub3=&sub4=&sub5=16803&source_id=5445&ip=185.198.62.106&domain=www.directthruredir3ct.com Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
fustycinema.world
stocktrackingsalesstacks.com
storage.googleapis.com
throughfares.com
trk-consulatu.com
use.fontawesome.com
www.directthruredir3ct.com
www.google.com
event.trk-consulatu.com
fustycinema.world
104.155.58.45
142.250.184.196
172.217.23.123
172.67.142.245
188.114.96.3
188.114.97.3
34.78.74.19
1a9ad77a662bfd6b41640a71e013b1aed157bc0f44be5463ad73f14428b49e04
1c5235b07cddb23f7916c82372e8e7c0141aa97b1ad03216f77b67871eb6844a
1eba82f5214269dce3ca23dea6befc2c4576377c98129909e5901e56176bfd2e
3bb4a1f4f62ef227c42c8a379c8e3fec9a3246554b5417647c7763cc15c869b7
4d16e33a5999f3cd7e3d8c046f1225fa254951d50163e16faca065a1c15311c8
5f1d0f0b3fb3e2472b3010c9b6d57e9450c2d5f4a097cb129cfd3256b69ff19f
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
625ea86dc2049e2a10146d128475c833a395ef0ccf4dbd3a9b54dc570bbc983a
6f7762632691a474650c1cf2d66d74fe67685eb44d68c98b03e39a06aecd874c
6f7f067acc2b7b0ecabfa6cb28c30ccda7615ce9ff9b5ebdc5586023b6ffc50b
7301e79f5631e426ec1433407b1d37323b720caf0eeed69d8d988f44717fd4d6
79773e578e658480392c920253f0c6befaa904d9c566c8a974afa18b1a7e910f
7cf1fbb14c0d93cda6c07c7c34bf248ba1c6dccaef52b1c1833fc54ca6c673d9
80f1d5b833c2bca3d6ff96e7b81d7c11f9e3ca57a042b3e694c582a5cafca0d7
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
a07aa6743e1e91a1e8061bea712f4304796b324cb956a8307ef07539af9dcc40
aedbcd877e395c160a5b93c1cf1809218cee953a1964c86c846134490d7fe7eb
b2378cc3d0cb20164bb398f84dfaa239aacc8426268e451312ece610ef25355b
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
c818417669b877a42a0f5c4cc21a18f287f5632af7ba24ff0163ca47cbfdbc9b
d38b978934f045c5dbda2cda25cd3c2b6a24d193f5b97fac690d5a9b3bb3bf28
d5d39ce001acdaf38d616426bdf204532d35e047b19ac0eeea37465abec34123
e00a929c870f7b0725e710631150852fce1d0f3c6a2f423eabf7d5fd1021eaf6

fustycinema.world Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

86 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

6 IPs

3 Countries

2678 kBTransfer

3526 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

fustycinema.world Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

86 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

2678 kB
Transfer

3526 kB
Size

6
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!