Report - en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989

Report Overview

Submitted URL
en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
IP
104.21.69.3
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 06:00:43
Access
public
Website Title
(1) New Message!
Final URL
en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-02	897 B	9.5 kB	142.250.74.106
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-03	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-03	874 B	850 B	18.185.9.67
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-03	417 B	327 B	192.243.59.12
en.yts-official.mx	unknown	2024-02-16	2024-02-22	2024-04-18	18 kB	1.0 MB	172.67.202.34
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-03	2.6 kB	98 kB	216.58.207.227
supposedbrand.com	unknown	2024-04-30	2024-05-02	2024-05-03	8.0 kB	13 kB	172.240.127.234
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-03	1.5 kB	846 B	192.243.61.227
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-02	2.9 kB	346 kB	104.21.70.253
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-02	494 B	2.1 kB	104.26.6.19
growingcastselling.com	unknown	2024-04-18	2024-04-27	2024-04-27	888 B	46 kB	172.240.127.234
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	413 B	35 kB	104.21.35.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	growingcastselling.com	Sinkholed
2024-05-04	medium	growingcastselling.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-03	medium	unseenreport.com	Sinkholed
2024-05-03	medium	unseenreport.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed
2024-05-04	medium	supposedbrand.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js	76 kB	2024-05-04	2024-05-04
Pretty URL growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 08:00:45 Last Seen2024-05-04 21:52:00 Times Seen4 Hash a073672b500b27eacd283ada1f2afb6e a34468da84292b04b028e0ea5544cee80833975d 1851c9b157f7f7cc277f8c7ee708eaf65c0bfd0b3071e6b9f0d5066a35b7e635 Loading...

	growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js	44 kB	2024-05-04	2024-05-04
Pretty URL growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 08:00:45 Last Seen2024-05-04 19:26:38 Times Seen4 Hash 9f401b79e89a70692acce5e1415f5dc8 068857ebffe94ef8c5f62549a3d2cd389ee3eebf 4d68131744401dbec46ddc2ac4a6573e48b337320c9614a75391e3c8935b773a Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-18
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 07:32:09 Times Seen37775018 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	2.3 kB	2024-05-03	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 10:41:05 Last Seen2024-05-08 00:52:34 Times Seen5 Hash 9dc9c2b46066dac6a54501c54ea42517 aa0ddb4ed073c46e3782ab9e9a30868a57ae858b 617c3624476e4f06e5635ab35786c992230a90e59730b1155a4cfddb49064ec1 Loading...

	en.yts-official.mx/static/yts/style/modded1.js?yify=1	163 kB	2023-03-08	2024-05-16
Pretty URL en.yts-official.mx/static/yts/style/modded1.js?yify=1 IP 172.67.202.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:05:18 Last Seen2024-05-16 18:28:58 Times Seen217 Hash 60de675fcd2844a3ffbb68550d303076 8a53cc2f554a8ef1f58f3fd1996a3c3552ea5472 1c821bdab262418e3742bfa3c295c3b668724f7e8898b45638958a898bd93d33 Loading...

	en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989	428 B	2024-04-18	2024-05-16
Pretty URL en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989 IP 172.67.202.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:10:15 Last Seen2024-05-16 01:33:51 Times Seen97 Hash 6dcff6572b90a25babb8be2e3703eb97 58ca34991d0315b9cef9bb1e9bd8ba547602e5b3 28f374670828d65e52a411c90ba6dd9017599b26eca5ef05eb3278c2f4f81982 Loading...

HTTP Transactions (62)

URL IP Response Size

en.yts-official.mx/movies/poster/cannibal-apocalypse-1980.jpg?v=1

172.67.202.34

200 OK

37 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/cannibal-apocalypse-1980.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
37 kB (37222 bytes)
Hash
532debb6f160ef7a9c312e814f5ae1ec
97d7e75733da7d937c5ff4b69255149449dd3441
8c7c7f778ccc54054a73f2ada253f619bc1da59a8aad12e89d59453beddf7ece

HTTP Headers

GET /movies/poster/cannibal-apocalypse-1980.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: image/jpeg
content-length: 37222
last-modified: Mon, 01 Aug 2022 01:26:48 GMT
etag: "62e72bd8-9166"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDewuq15Iwz4EJy%2FTAJyanmIIrqMreAAf1E2QfSzqItUNVVL6lOzIQnl7%2F0UN5zaTEwQrtc46In8Pis89DEw%2FObQxqLIOAm3FGap5nC2yDCHzYmicGcUKSjwj8e8idZl0fAIwss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644f9fe31b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-angel-1982.jpg?v=1

172.67.202.34

200 OK

26 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-angel-1982.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
26 kB (26072 bytes)
Hash
bda15c0aa3caf3df44bd8341dd154527
d9d46c002e657d325ba65d7acfddce0410fb4429
80d4ba351ed7879d23a3e2bcdf17251dbb8f3d1dfdc01df37cbb26f709a0e41a

HTTP Headers

GET /movies/poster/the-angel-1982.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: image/jpeg
content-length: 26072
last-modified: Fri, 17 Jun 2022 01:26:46 GMT
etag: "62abd856-65d8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Gw%2BbzlkrSr6GrXx3rkiTmAEIz6KpJ613UG%2FqT8L8uD6jw8%2FJ76w4Iq%2FLM%2FhGoE6XP4FZxdIqjEIelEQ%2BbOSNkwV7ApwG658PL3C2ELrNFpOJQ0WA7JfJqFql6IqcBI7VJmH%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e4fb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/style/minified.css

172.67.202.34

200 OK

41 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/style/minified.css
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
ASCII text, with very long lines (57475)
Size
41 kB (40826 bytes)
Hash
a314b10e99529c56373ebff456f96618
89369052969ff4793a3c290593b5ded5d2d3e6d7
e043e009630de7fdb24141cd7e788e91a7978880af7730e0f8f97bf41c2cd549

HTTP Headers

GET /static/yts/style/minified.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 08:38:28 GMT
vary: Accept-Encoding
etag: W/"65d31384-1d423"
expires: Sat, 04 May 2024 06:02:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 43037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyxyOYKRthLc5Zucn8LROc9YDC7AB2nJCvfiAaFm5TZbSGsvqQdeJ7G8oen2ZcB10sdFwcmJga%2FcGpsAKuUJFN2Pwnnvj1vA5vzFrNgRdVONtsQzoDLCyatBg6sD2G3h1qyLtso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e644f9ee28b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22052, version 1.0
Size
22 kB (22052 bytes)
Hash
f0e48ce2beda9e8cbd7d915bf1b1ae71
3dc1cfff1759b0959cc7fb17517651ec850d584d
b2504b3c20c2feb37e78773b788dd09a9cc43c9f36086bc1e2f83a6366ebaa34

HTTP Headers

GET /s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:36 GMT
expires: Fri, 02 May 2025 01:53:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:00:24 GMT
content-type: font/woff2
age: 187599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989

172.67.202.34

200 OK

26 kB

URL User Request GET HTTP/2
en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
HTML document, ASCII text, with very long lines (1888), with CRLF line terminators
Size
26 kB (25726 bytes)
Hash
8382da12d14c30907ab9042d75350bd4
1438aad7860954069a5f8ff14fcc49a206fbce62
f17d4a3449b4bdea993d57668d607b9c9e19bff268d0d43ca564b6328eb6c6d3

HTTP Headers

GET /browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8PCFq4giumMFjDiiemJJ%2Fb7FcOjt8Sv2oaT0ulGdOSLd7ZAa1KjrmFPZ19hpMNlJoTGX2Miup%2FBK9RunuY0pe%2B30WvcefznXcth1kzg07EmwZNZ17QFkqJfCBQuMYdPVJOqlcQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e644f789a056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/image/logo-YTS.svg

172.67.202.34

200 OK

3.9 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/logo-YTS.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3888 bytes)
Hash
fdd85bfbf80d872ea41b942cf21d1db9
6a2d54565cbffa3af342a63931e412ad8837f92d
2234cb288342eab0edfb65ebda4189cf47b40a4b639a25af62c57c03f7ace459

HTTP Headers

GET /static/yts/image/logo-YTS.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Feb 2024 02:51:28 GMT
etag: W/"65d413b0-5b34"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3CNysZsfaYjnvIfVQ2C6kT2i8SeIUSfLtjzn0tR1um3E0djQsp2l06PMbOxQdfZb5cUomSyKbLpWhbHYcgWw9N1MrtsI4HOgFgPWjIarDMquC%2FZ12VvzfQStkZMISdb5aWc0uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644f9ee2cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1293 bytes)
Hash
a8db4297fc9453d533245b0dbcdab87f
bc4dc8d6a09c6b98a60e87b19de50b2107404ec9
8260c33cec8f00f1500cc468ce26b5bcee455c61d8826a2f501a8610fed31826

HTTP Headers

GET /css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 06:00:15 GMT
date: Sat, 04 May 2024 06:00:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/movies/poster/caprice-1986.jpg?v=1

172.67.202.34

200 OK

17 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/caprice-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
17 kB (17358 bytes)
Hash
8b1165061e94f56b63ad9ab0062f0cac
0d3b4e325f2ea9cd826766eb78015aaf7dbb1070
89d42150fefda222e4cdc814d507013920c8e5612c4730af3195ac77e3eb9a21

HTTP Headers

GET /movies/poster/caprice-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 17358
last-modified: Sun, 14 Aug 2022 01:26:43 GMT
etag: "62f84f53-43ce"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdN%2FfZv1DKhun8tP2BzvyCfX4Duy6V0DKA1nPOGD98CsmBRCjxtgkUhxcBKNxQnmrM%2F2DOF6NT3YcfpfMoB5XvyYJoRiXfwXnBKUmWAJqErtyD1LuPaMnb0nK2JudCB7z6%2BH1tI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644f9ee2eb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/eliminators-1986.jpg?v=1

172.67.202.34

200 OK

44 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/eliminators-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
44 kB (44486 bytes)
Hash
7903e7d82ce42273b9095c77ac2ad383
f527012d2b24765fdd4bcc104a3f9d65d0a74500
9bda81d33bd28e013e50f18c3bc3aa71b9acfc2d9ab1a69cf0705757d814f9bd

HTTP Headers

GET /movies/poster/eliminators-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 44486
last-modified: Fri, 22 Jul 2022 01:27:47 GMT
etag: "62d9fd13-adc6"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwdLYu0%2FrGvNh8TcRUrMMkBHh13SZTKd%2FybaiksEFftreUs4XqTBdhKFmIan2plm0Ig929btF9QJudSI%2Bw2H7llaxLA6PJRiiZ88yS1ype5ETEBrBbZUQm07bR2gDWSHz%2FH9Jr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e4cb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/entrails-of-a-beautiful-woman-1986.jpg?v=1

172.67.202.34

200 OK

39 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/entrails-of-a-beautiful-woman-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
39 kB (38619 bytes)
Hash
154fd69f62b23a1380871d88bbd2a60a
c60f04062e57b4e9abb7e49f38f00fbcc491fb27
83624d9b875d2eb302b9ed9d0b7c7e8c00312f500ebe57b93bc3b4c80f7ec847

HTTP Headers

GET /movies/poster/entrails-of-a-beautiful-woman-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 38619
last-modified: Sat, 11 Jun 2022 01:27:55 GMT
etag: "62a3ef9b-96db"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZ4DbmgzTWel0e%2BB37GQhVpSxdaJ1JTzXDv621m8IoYpGAiXMlmdQIJCkegpqmO8m6X%2FoxxYVGPGeClaBKiG1oBK%2BQCl7JVO8Ot7GlyVby5QvZLtHfdY%2FsHk1JzVjF%2B%2FcPGys3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e50b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/scrooged-1988.jpg?v=1

172.67.202.34

200 OK

27 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/scrooged-1988.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
27 kB (27209 bytes)
Hash
be3cef97cb24aa886d02dc8f176d5144
1527296697e42aa5b95c63cdf6b3395d1b762712
6bb93eeae25aa88b0e1cc639e692ff6c0715c0be52abc45e10d604c8e042b8c1

HTTP Headers

GET /movies/poster/scrooged-1988.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 27209
last-modified: Tue, 26 Apr 2022 16:16:24 GMT
etag: "62681ad8-6a49"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDRGZkkMI9dxt2tpCW9m9RZD115CFsxZNb%2BkcIAC%2BkFrWB3tOe%2FrVvIxagyFU4sNoFY8xxHjiH1REbGY1srmTOHeTIpbQ6agrmyI4NMMaZArdP6SWw90Lw8qhT7H8kk4rkwxWeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e55b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/to-sleep-so-as-to-dream-1986.jpg?v=1

172.67.202.34

200 OK

29 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/to-sleep-so-as-to-dream-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
29 kB (29205 bytes)
Hash
2f4863f9cb7378c1b6ee4a556f5afbe7
6f6bdfee4cd08cd55fcdf418e040ef9b47c7d186
5aae4b4a9befbe30c2803450ebb84f1fc112760e8330544be70b755993da8f62

HTTP Headers

GET /movies/poster/to-sleep-so-as-to-dream-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 29205
last-modified: Mon, 30 May 2022 02:10:19 GMT
etag: "6294278b-7215"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FK%2BHCP%2FD1JRDrZ%2BnpH4cE2ggioXZrnY8SgVqaLHRUHMmWKCOCiwHsK5AVcxxWSoBuHumVHDZGzYEhMnYYdWh%2FvamsTuj2LEQt%2F%2Fqsnyz7UDDQ6NBHJjIElt5pZaIQcCPBu%2Fhd%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e54b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-sword-and-the-sorcerer-1982.jpg?v=1

172.67.202.34

200 OK

39 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-sword-and-the-sorcerer-1982.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
39 kB (39001 bytes)
Hash
28a51ee075cc66849f3a359e44fdea30
967c10db506f0f2d3dcd676bd99ed28c6e08de91
6f398af8009538e8d70dc1111510fa2cb6d8a93ec24f2047157e7e7647281402

HTTP Headers

GET /movies/poster/the-sword-and-the-sorcerer-1982.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 39001
last-modified: Fri, 18 Mar 2022 01:22:08 GMT
etag: "6233dec0-9859"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEXbUjsVF4PgH%2Fl3LpUZnrXN5OeFEUb9KP%2B7AW1x9mQkpoJpJ%2BlfEO0LLTq2QaUAf1M08IcfruKj4YuUAfURYeG8kvx2bpvhNQmcDNvX%2FZ%2F49Hx2fJKRzFbw%2FVnu8haG2%2BnDigQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa1e6eb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-king-and-the-mockingbird-1980.jpg?v=1

172.67.202.34

200 OK

30 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-king-and-the-mockingbird-1980.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
30 kB (30079 bytes)
Hash
61021700e5ce807032a7490486fe5ff3
8ab05d820e7cb56aba87735679402cc16a021e8d
a157b1e24f37807434132d91441a4675e7c613491fc245987d45faa12f8b475b

HTTP Headers

GET /movies/poster/the-king-and-the-mockingbird-1980.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 30079
last-modified: Mon, 14 Mar 2022 01:24:12 GMT
etag: "622e993c-757f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pvk2fUjrnhLzbZ1fYppa%2FGqF0V2QWmg7Msw7Y%2BISV652so6HbnJ%2B923yA3xNpw4T1Y1j0mBttOkB0zNYvpX0%2BjKCel9Co2qif7OpaXW%2Fo4eioOQuUZnrEOpyj5tw8BU%2BAPMrcDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa1e6fb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/playing-beatie-bow-1986.jpg?v=1

172.67.202.34

200 OK

39 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/playing-beatie-bow-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
39 kB (39271 bytes)
Hash
93a77d21a4ff1a075ababac6435e7a81
53148247abacf5270bb093cabf4209ffad0912d3
355be707fce792d8788a23dfa6723518caf4c92ad9dfc25b332e3c1e86a6ac3b

HTTP Headers

GET /movies/poster/playing-beatie-bow-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 39271
last-modified: Fri, 11 Mar 2022 01:22:52 GMT
etag: "622aa46c-9967"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLwdcltnqVD6pWRt7hYPZGh1fWQZRYWU1bkqDdUls4r7eOW8%2FikQ%2BG9F85lT1pnnFXz4K%2FzD9Zt%2FZjFEePBF%2FEsAMZr89iQdJvbEZEczhWwkhh6m71%2BFmXplQ7ekriJVDNI58lk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa1e71b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/girlfriend-from-hell-1989.jpg?v=1

172.67.202.34

200 OK

35 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/girlfriend-from-hell-1989.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
35 kB (35257 bytes)
Hash
2e2edfb94bd02000efd9e3f197d970c6
cf0800fa7276aba1be5096dc21d81589695dc832
d3286b77bd7d3a504b93700d079bae1339edaa796f3fc0c575ed37211edeb48d

HTTP Headers

GET /movies/poster/girlfriend-from-hell-1989.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 35257
last-modified: Tue, 08 Feb 2022 01:33:03 GMT
etag: "6201c84f-89b9"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bX6mCu7V64hHO8bJ2atG4PGCwJNLirtAEpz%2Bd097k0wSfI1d37SHwBaTjuPAD2YfD78DWmor0EluZ2Oi%2BiZ36iXgL7WiabxFNUNSyRa8SoSnBKT1Vs%2BoUweJ5pg3rUJ%2FJzh%2BJdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa2e73b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/son-of-the-white-mare-1981.jpg?v=1

172.67.202.34

200 OK

36 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/son-of-the-white-mare-1981.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
36 kB (35556 bytes)
Hash
e63be09508eff29532763f231bfa5295
20b9e153daaf77b0310aab301da478dd552072fb
7dbe77758b47e8d5b38bdd8e5b6824f40ee421030f3cd3c6a0b08eb711ad2726

HTTP Headers

GET /movies/poster/son-of-the-white-mare-1981.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 35556
last-modified: Sat, 05 Feb 2022 01:33:11 GMT
etag: "61fdd3d7-8ae4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14SmtgsPHZlq0SsqOhcqKODaPfe8oQKx9P%2B9Fcm62%2BHRZeeQgqKOBD5AJT8TLlu4SySLxlg3FN8RkqYcnY%2BPsV23rkWv4XG0DV65fD1TJ6UELPZNDXk5poASNLcW%2BcDPADcT3LE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa2e78b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/aladdin-1986.jpg?v=1

172.67.202.34

200 OK

35 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/aladdin-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
35 kB (35218 bytes)
Hash
63629bac50193d6ccbae50e57078954b
13d5fe659f06dca8f4fd7d8fcd48085c5a40d1c5
399e5f184519dbc0c55562e0d46ff631b449f8ceafc812f9dda0043532928d05

HTTP Headers

GET /movies/poster/aladdin-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 35218
last-modified: Wed, 26 Jan 2022 01:31:42 GMT
etag: "61f0a47e-8992"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpVbMCx%2Bth0R5MQKjYxOBUnMuFMbjID4VMMjvpQRDUfpSI3UqRLmB0g7w1N3kXidPUeUf%2F305cIF1kca5MuqEuHJMprGgiNUr9197Gya8NU4o6GHXBGVlgrG1T6I9SXhRQ%2FirVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa2e79b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-carpenter-1988.jpg?v=1

172.67.202.34

200 OK

37 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-carpenter-1988.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
37 kB (36713 bytes)
Hash
a0bcdd70789eba4486a14669c83e8a6e
b1e54c87258dffab60baab2febdf6a2bfc8b85c6
4ff734e82537f9b394773709ff2290d7e7bab7c15229d78f1c4ca6a588a54172

HTTP Headers

GET /movies/poster/the-carpenter-1988.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 36713
last-modified: Fri, 07 Jan 2022 01:33:01 GMT
etag: "61d7984d-8f69"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6V1Zi7gaTyw7lAkg3KmtAkgmWs31UYOss5zL5TqF78LKshHmaCFPxhMdXngGQ9n%2FFI8emmkmq07GdK1%2FaFN7P24dPxXU9KUMv1oPIOiey3Gavj%2BAGF64UOfGJmaxi4QDWlWpo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa2e7fb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/my-cousin-the-ghost-1987.jpg?v=1

172.67.202.34

200 OK

34 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/my-cousin-the-ghost-1987.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
34 kB (34482 bytes)
Hash
d78742dc896a3d44e94869ed85a2271a
f833f1b1880f8eecff9ad48a231d1c47c998207a
7cb83939b9ce8d01706493145f0050e49350e1ef2f5a1a112eb4dfcfef7785a9

HTTP Headers

GET /movies/poster/my-cousin-the-ghost-1987.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 34482
last-modified: Fri, 31 Dec 2021 01:33:07 GMT
etag: "61ce5dd3-86b2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nsr9hGt4cuOMr0YSjWLIdOT6ozbwZBK%2FQW%2BTlfgL5iKpygKFEVPm9x%2BW7mF9PD3ZQIX%2FARzLRaSlB6b3Euv1LWovzZQCg9ndHRggRdRP75t1XzPrKwAJ3pF6UxbPtqMk9bdafSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa3e84b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2

172.67.202.34

200 OK

3.6 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
Web Open Font Format, CFF, length 3560, version 0.0
Size
3.6 kB (3560 bytes)
Hash
4e54891305c71736de2da03f14b57434
fbf29db32b5514cad7a908167ce63c76a91a2f12
332ec1d337a38ad421deff49f3585da56563253756da3870b26b46bd025f96e4

HTTP Headers

GET /static/yts/fonts/icomoon.woff?fmg7s2 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/fonts/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: font/woff
content-length: 3560
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: "65d2c88f-de8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reD3cwo%2Br%2BngHPgd%2B9GXXtB9ikNvc0MTZpWxwjYWX0kTGd9iF0DL58AMjZzKggi4AI0geer0dhzaywyFIiZueLn%2FhIfyqVPvP6dzne62xDdikyH4I3AzHAOXINClyen21oikCzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fb3f55b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/demon-of-the-lute-1983.jpg?v=1

172.67.202.34

200 OK

47 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/demon-of-the-lute-1983.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
47 kB (47330 bytes)
Hash
14d1179357fa2aacd8c134969ccb0217
5988cbf98a3b429df85febb0992d8585745282e9
bb2ef0b99fa605f1152c45e1025cfe8a05282d66363e16b8afc24dc360266cc1

HTTP Headers

GET /movies/poster/demon-of-the-lute-1983.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 47330
last-modified: Tue, 26 Jul 2022 01:26:45 GMT
etag: "62df42d5-b8e2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StDK0mGo9efScs8ud2JoKBuDsONg7IByOixtHrVUfDn5jFm1GD7Lwzt%2FBlVOhDMk2CCePrEG8L%2B%2BdL2ihWZLgI7LWD%2BE3HFEfjkHSmfYQ6qm6zFKXjy8QeCQjA3yoEXgzCHPyp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644f9fe35b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/holy-flame-of-the-martial-world-1983.jpg?v=1

172.67.202.34

200 OK

46 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/holy-flame-of-the-martial-world-1983.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
46 kB (46322 bytes)
Hash
0f2f0a04fc6bf2255359c711b98b6480
ecb17abca51f8063a1113810560cc61773f60da2
4add963a751bcc11ee1e589e28347ac25f6138ffc04c430da92896c297c6dcde

HTTP Headers

GET /movies/poster/holy-flame-of-the-martial-world-1983.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 46322
last-modified: Mon, 25 Jul 2022 01:26:40 GMT
etag: "62ddf150-b4f2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2ppzB%2FKegtqU2UMLStyauIYLKbB9cNN11aVeuteMP2G%2B%2F%2FgbBouilnKwU70GXEhbxXI7gx%2FV1flFUsH6Jb7e5Gy%2BIxEbefdQI2bg60F6bWGHS2vhs1%2Fhe8dEx8Odh2QNsU5%2FJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa0e4bb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-care-bears-movie-1985.jpg?v=1

172.67.202.34

200 OK

46 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-care-bears-movie-1985.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
46 kB (46019 bytes)
Hash
0937940897dbe6146ab26803cc082272
8706c915bfd3012cdd311646da4706e7ffe5bd8e
2d560bf05273f9292236fc109540a937afbe0be9ccff781247f395603f316c36

HTTP Headers

GET /movies/poster/the-care-bears-movie-1985.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 46019
last-modified: Tue, 26 Apr 2022 15:55:11 GMT
etag: "626815df-b3c3"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YNMr05OQn94KkTfqq4lnhxpc43A8stANtHj4d7r3Q6ENS1wl%2FSLWDaueZnUT8xNHqFuqGcnn3Ls63uUlxkYqGcEAJf3G0VwGmlcswZ729OhIJ0t5GhWauzNbg3V%2FJ4Oalcyd4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa1e5bb4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/wheres-officer-tuba-1986.jpg?v=1

172.67.202.34

200 OK

44 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/wheres-officer-tuba-1986.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
44 kB (44113 bytes)
Hash
f1f2e8a62b441344340df753d36276e7
85ed047c3239d932e744c0870349d59885ffa359
792c53cc2639557cde8440f2681a6aee68f095ad982a22d590870f3baa0555d6

HTTP Headers

GET /movies/poster/wheres-officer-tuba-1986.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 44113
last-modified: Sun, 23 Jan 2022 01:27:56 GMT
etag: "61ecaf1c-ac51"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJiVHa9r6iNN89oo%2B656yG40yskNCVVGfBybkdCvoY5f4Dcw%2B4voyE3dyUCGFfEAFCiuF15UHxUnG6ZJKwBrUsHltjJHn61WZZrJc6B2q6yXtSP2nRH81iJaSCTuuOq2Ecvj8kU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa2e7ab4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/wholly-moses-1980.jpg?v=1

172.67.202.34

200 OK

44 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/wholly-moses-1980.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
44 kB (44458 bytes)
Hash
de1c5b8e2fc6095c0347f617cd6e2771
63005dd2934b49fe79030f9be991a538fa3c423a
6bd32ac2c69f7fd5a13bfe929561d6925a9b753dc1c345fde80f5b8f27b4aba2

HTTP Headers

GET /movies/poster/wholly-moses-1980.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/jpeg
content-length: 44458
last-modified: Fri, 24 Dec 2021 05:12:33 GMT
etag: "61c556c1-adaa"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7jtcCruuNomxzetJ8jRPUdtSxB6HZnOywHJaBmt3mpviZ3Qsqbxg9Db%2BFwAYJ9Dsy%2BFRVjokcox69ocRPKbDiVqsUPVVQ6vDgcD3QszWhYK36fft3Bq87UkMWit%2FQfecret0Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fa3e88b4f7-OSL
alt-svc: h3=":443"; ma=86400

growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js

172.240.127.234

200 OK

28 kB

URL GET HTTP/1.1
growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectgrowingcastselling.com
Fingerprint3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B
ValidityThu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28350 bytes)
Hash
a073672b500b27eacd283ada1f2afb6e
a34468da84292b04b028e0ea5544cee80833975d
1851c9b157f7f7cc277f8c7ee708eaf65c0bfd0b3071e6b9f0d5066a35b7e635

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b1/27/0e/b1270e96b85c3dd200807d09a940c676.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19c5b200784b321cb2392e401358b470
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectgrowingcastselling.com
Fingerprint3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B
ValidityThu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT

File type
JavaScript source, ASCII text, with very long lines (44033), with no line terminators
Size
16 kB (15798 bytes)
Hash
9f401b79e89a70692acce5e1415f5dc8
068857ebffe94ef8c5f62549a3d2cd389ee3eebf
4d68131744401dbec46ddc2ac4a6573e48b337320c9614a75391e3c8935b773a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 09:00:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6dfa283779696bab2746dd6e67908e06
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
353dbae1e1b45a750770ae51bef13ba7
465917a2a0bbb947e9727e7f08b584a82aa6fb81
9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 06:00:16 GMT
Last-Modified: Sat, 04 May 2024 05:04:56 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z8vJHZyaYHh10mz9V8URWsaJ5QDIbBbdPiEGzUbTvORewKs2COIfeA==
Age: 3320

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9fbe77316b3793a72ab26354a29dca8e
cb287816a20d8b5894c6b63a3ddc75d990be6103
41a002f27d1eabff5443ed35404528fa4e16726a3fb29387583e7b29fd3d9321

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=229c51f5-26f3-4012-b89a-267792377f76:3:1; expires=Tue, 02 May 2034 06:00:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
006038e3fd6aa2b6d482aa6a753d31ca
c86aafabfc8d85ee7ec0d0149d0c7780b667a917
3c93ae0e569baad1d040b91d83deeb443e688389d7bdf6a0c8217a8cdc533b14

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; expires=Tue, 02 May 2034 06:00:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 06:00:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c13c98c730af5d6e3e914e5423b3909
Strict-Transport-Security: max-age=0; includeSubdomains

en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989

172.67.202.34

200 OK

5.7 kB

URL User Request GET HTTP/2
en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
HTML document, ASCII text, with very long lines (1888), with CRLF line terminators
Size
5.7 kB (5748 bytes)
Hash
8382da12d14c30907ab9042d75350bd4
1438aad7860954069a5f8ff14fcc49a206fbce62
f17d4a3449b4bdea993d57668d607b9c9e19bff268d0d43ca564b6328eb6c6d3

HTTP Headers

GET /browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7sDriRVWejAvnY5T84xqEN7SZjviGc3VYtIwlMSJ5IQNpq1MR9rO3MBoECmoeuCQ8w8SX1xxMX3lcqsNC9D50u2a85DX3Obz7%2FCCD0MScIA84LfUfeC5HRTftwVY2FefWL8J0Ug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e644fdc96db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

34 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
34 kB (34434 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9be458ebcc37d1b63862f8482a00c3fd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 06:00:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=etWNdXbBSyfBxH7g7nzNSDSe2sZXvhUAGZie6MLEvkRZwKeoe2f8FU2Ha%2BmBhbJBvZYPfTVl%2FSqNe%2BHaHRnj74jCaxfVuze23fUgnJZPjjcPhrjQmKXZ989jWA3RA3EYR95pSJTVu5wbWTtc2AoD6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fdadfab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/image/favicon-16x16.png

172.67.202.34

200 OK

619 B

URL GET HTTP/3
en.yts-official.mx/static/yts/image/favicon-16x16.png
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
619 B (619 bytes)
Hash
ea830fdd4f9a6d19aa7455dabdac987a
b0d567d6b4d40959e1bd44032f6bc2331057b319
71148160c085a70d1af7708c1d52cfcf39f8ef6e4ce13f0f20c080b2e19195db

HTTP Headers

GET /static/yts/image/favicon-16x16.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=24a36b53-ebe3-4ed1-944d-09b32b51d19e%3A3%3A1; pp_main_b1270e96b85c3dd200807d09a940c676=1; sb_page_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_onpage_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_main_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_count_0a2f9bfefa2d59b6782f748beec9f30e=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: image/png
content-length: 619
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-26b"
expires: Thu, 30 May 2024 22:27:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 286393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aj%2FK5VvCxxumKEH7Z7Cidjkcn%2BEp08U4hGdnCPhTzwjnZGmO%2FJsr3ZtUziCNGdTze3%2BfyvUMyAvoGE64%2Bx2HOhRffHmr17%2FLxgPqL3HpQzMVRiDw1Ds3yoJ4HJM0ODvYDX6KrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e64502ae0cb4f7-OSL
alt-svc: h3=":443"; ma=86400

supposedbrand.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&psid=CF-3448_0&uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e%3A3%3A1

172.240.127.234

200 OK

7.9 kB

URL GET HTTP/1.1
supposedbrand.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&psid=CF-3448_0&uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e%3A3%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type
JSON text data
Size
7.9 kB (7914 bytes)
Hash
b0c5e62e336277c3fb5bc29ae9024d54
e7f46834d2d8d68cbc3c132fe9ee6ab07663404f
10a156269c125fa1bcda02402f9304e2519bb9f935f82ad6209ea8158c05b340

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&psid=CF-3448_0&uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e%3A3%3A1 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://en.yts-official.mx
Access-Control-Allow-Origin: https://en.yts-official.mx
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16587847; expires=Sun, 05 May 2024 06:00:17 GMT; secure; SameSite=None
uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; expires=Sat, 11 May 2024 06:00:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 06:00:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 06:00:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 06:00:17 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 06:00:17 GMT; secure; SameSite=None
slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]; expires=Sat, 04 May 2024 06:00:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e8fb82198fffe6a56f332f084c3a566
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

supposedbrand.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVI8Xl%2F3d4dKaL8cmRi4igBgQRSmNmZvQye21nN7N6eXVlYQqE7aNKuv7NjBSIEfwAJOgelsBTJR%2BUCt7QgpHQgdBeLE6%2BY9773vZG%2B%2BeZ9uV0cEx8FPbr0vt6QStHFRt2tvf2x552trci06Nf6rehWFJ6tmd677ajuvlO7IuI1vei7nut6rldbkkYkur84ISGzB22v3nbroV%2F3GiH65v%2FYFg4sdcB7x%2BQVSD6ef%2BychoxHSLs%2FXBJ2LdfZmcvdQtFcG%2FT43ofpWqrLFN1ZmRgHSbp3Mg1tD5ceQqe7U7nQvf8GmRwT58lDsHTvRCRYb2eqkymIFIy%2FiLI3glAjSDpCrLcg%2BSEBYo5rq0i7965pU9L15yydsGMy%2F%2BwvyHJM5n87jbT7%2FQUl%2B7WbWhW51KlFP6kg%2ByPIzghZsY98Yw6y3EecfwHJn5LFZytIuzurVmlIfvSWH9IgYo1gQTARLISCewvtMOQLbpsFPmt43GuLqUFSjiCTEZQYgNpTKKyDQjooEgdF5qDLj2qx53lNl8fUbbXjOOBNwSLuerSZeNRzoxaKePKGAfJsgFgNEJtNZGYTa%2FLrw8Z7MMXPsLcrWO7A5gQ9XqEUBKUlKClBKQnKnKDsVbtcWd9W97iyBfNOsn%2BSg2qo88423dV5R6QE1AxgeLWdHZOXpx7%2B%2FcYVrImjmkv9pM0SkVCfN9osarb8pBm2mBBxOwlcASvvX1xaCMKwdcuFtHOg1sGGHJPXll9FJsfkhbv%2FgNF9WLWPWDqgxZugZQV6u8JGuree27pOBbiukOXzyNedbXVMXp%2BqWN0qIOIDchKITYXMVPhcPiboqDvDG7okOzd0acmPq1kuu3KDTn75Zk5z4Xx7VayX2vDlS3Zw%2F3w8ISblgw%2BEzVdoymXaseS7C5JzYZa0iQX5adl%2BJNj1wt6%2BUJi0yFauX1xa7mZGWCt1OgKVh5fvIpZj8tKjT6fre%2BaT3yHNCKao0C1mSqXeR5xtwmazntUERs0wyxyURTU0Pps1lSRQYoYpq2DFwblfPjv%2FVfPqEzBx8OiP59zQ0MltKqttewcdMweabyHtVuiZCj1VgaoBbHFqmGfm4NyvwTTA1NyQKTO3w5RR30xNnhwWVh7VmkHg0qjd8JpNKpos9FtJ5HFK%2FTDyo4gGyO04aTz9818AAAD%2F%2FwEAAP%2F%2F4yihPZgEAAA%3D

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
supposedbrand.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVI8Xl%2F3d4dKaL8cmRi4igBgQRSmNmZvQye21nN7N6eXVlYQqE7aNKuv7NjBSIEfwAJOgelsBTJR%2BUCt7QgpHQgdBeLE6%2BY9773vZG%2B%2BeZ9uV0cEx8FPbr0vt6QStHFRt2tvf2x552trci06Nf6rehWFJ6tmd677ajuvlO7IuI1vei7nut6rldbkkYkur84ISGzB22v3nbroV%2F3GiH65v%2FYFg4sdcB7x%2BQVSD6ef%2BychoxHSLs%2FXBJ2LdfZmcvdQtFcG%2FT43ofpWqrLFN1ZmRgHSbp3Mg1tD5ceQqe7U7nQvf8GmRwT58lDsHTvRCRYb2eqkymIFIy%2FiLI3glAjSDpCrLcg%2BSEBYo5rq0i7965pU9L15yydsGMy%2F%2BwvyHJM5n87jbT7%2FQUl%2B7WbWhW51KlFP6kg%2ByPIzghZsY98Yw6y3EecfwHJn5LFZytIuzurVmlIfvSWH9IgYo1gQTARLISCewvtMOQLbpsFPmt43GuLqUFSjiCTEZQYgNpTKKyDQjooEgdF5qDLj2qx53lNl8fUbbXjOOBNwSLuerSZeNRzoxaKePKGAfJsgFgNEJtNZGYTa%2FLrw8Z7MMXPsLcrWO7A5gQ9XqEUBKUlKClBKQnKnKDsVbtcWd9W97iyBfNOsn%2BSg2qo88423dV5R6QE1AxgeLWdHZOXpx7%2B%2FcYVrImjmkv9pM0SkVCfN9osarb8pBm2mBBxOwlcASvvX1xaCMKwdcuFtHOg1sGGHJPXll9FJsfkhbv%2FgNF9WLWPWDqgxZugZQV6u8JGuree27pOBbiukOXzyNedbXVMXp%2BqWN0qIOIDchKITYXMVPhcPiboqDvDG7okOzd0acmPq1kuu3KDTn75Zk5z4Xx7VayX2vDlS3Zw%2F3w8ISblgw%2BEzVdoymXaseS7C5JzYZa0iQX5adl%2BJNj1wt6%2BUJi0yFauX1xa7mZGWCt1OgKVh5fvIpZj8tKjT6fre%2BaT3yHNCKao0C1mSqXeR5xtwmazntUERs0wyxyURTU0Pps1lSRQYoYpq2DFwblfPjv%2FVfPqEzBx8OiP59zQ0MltKqttewcdMweabyHtVuiZCj1VgaoBbHFqmGfm4NyvwTTA1NyQKTO3w5RR30xNnhwWVh7VmkHg0qjd8JpNKpos9FtJ5HFK%2FTDyo4gGyO04aTz9818AAAD%2F%2FwEAAP%2F%2F4yihPZgEAAA%3D
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVI8Xl%2F3d4dKaL8cmRi4igBgQRSmNmZvQye21nN7N6eXVlYQqE7aNKuv7NjBSIEfwAJOgelsBTJR%2BUCt7QgpHQgdBeLE6%2BY9773vZG%2B%2BeZ9uV0cEx8FPbr0vt6QStHFRt2tvf2x552trci06Nf6rehWFJ6tmd677ajuvlO7IuI1vei7nut6rldbkkYkur84ISGzB22v3nbroV%2F3GiH65v%2FYFg4sdcB7x%2BQVSD6ef%2BychoxHSLs%2FXBJ2LdfZmcvdQtFcG%2FT43ofpWqrLFN1ZmRgHSbp3Mg1tD5ceQqe7U7nQvf8GmRwT58lDsHTvRCRYb2eqkymIFIy%2FiLI3glAjSDpCrLcg%2BSEBYo5rq0i7965pU9L15yydsGMy%2F%2BwvyHJM5n87jbT7%2FQUl%2B7WbWhW51KlFP6kg%2ByPIzghZsY98Yw6y3EecfwHJn5LFZytIuzurVmlIfvSWH9IgYo1gQTARLISCewvtMOQLbpsFPmt43GuLqUFSjiCTEZQYgNpTKKyDQjooEgdF5qDLj2qx53lNl8fUbbXjOOBNwSLuerSZeNRzoxaKePKGAfJsgFgNEJtNZGYTa%2FLrw8Z7MMXPsLcrWO7A5gQ9XqEUBKUlKClBKQnKnKDsVbtcWd9W97iyBfNOsn%2BSg2qo88423dV5R6QE1AxgeLWdHZOXpx7%2B%2FcYVrImjmkv9pM0SkVCfN9osarb8pBm2mBBxOwlcASvvX1xaCMKwdcuFtHOg1sGGHJPXll9FJsfkhbv%2FgNF9WLWPWDqgxZugZQV6u8JGuree27pOBbiukOXzyNedbXVMXp%2BqWN0qIOIDchKITYXMVPhcPiboqDvDG7okOzd0acmPq1kuu3KDTn75Zk5z4Xx7VayX2vDlS3Zw%2F3w8ISblgw%2BEzVdoymXaseS7C5JzYZa0iQX5adl%2BJNj1wt6%2BUJi0yFauX1xa7mZGWCt1OgKVh5fvIpZj8tKjT6fre%2BaT3yHNCKao0C1mSqXeR5xtwmazntUERs0wyxyURTU0Pps1lSRQYoYpq2DFwblfPjv%2FVfPqEzBx8OiP59zQ0MltKqttewcdMweabyHtVuiZCj1VgaoBbHFqmGfm4NyvwTTA1NyQKTO3w5RR30xNnhwWVh7VmkHg0qjd8JpNKpos9FtJ5HFK%2FTDyo4gGyO04aTz9818AAAD%2F%2FwEAAP%2F%2F4yihPZgEAAA%3D HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1f92b4415c4e3c4018623b36fa7fbd33
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d800725b88b713188c775def44144f3
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=24a36b53-ebe3-4ed1-944d-09b32b51d19e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17d029141d3d9c89001b39e6b38b4a5b
Strict-Transport-Security: max-age=0; includeSubdomains

supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=633

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=633
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=633 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png

104.21.70.253

200 OK

6.0 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:18 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 02 Feb 2024 15:34:06 GMT
etag: "65bd0b6e-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 152015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1ACyv5tSV0YsmiD9YZIzSBJ%2BkszaOVcjy9aMlf%2FD8Yb7GnWsCAoYoVT1BwPYep9bk0tF8x%2BJQwBsXH%2B6AOJUh5%2F9xQ9iOLKobQiDRLRm%2BVAOQbIUdbAK9rNjGP%2BFAJOmyAiNYqtdsb6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e64508f9330b59-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif

104.21.70.253

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:18 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 02 Feb 2024 15:34:07 GMT
etag: "65bd0b6f-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 152015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBNSw5F63%2BfDlfu0SJJNt2CZnnjBCf4b0OvYP7bL0P0z8%2FPuqOZLyJNk362yI3QdA95U4A%2F1Y3fhFP7dSmD3bRI%2BKiD35zf8L5q%2FBic7jVspSy%2FNmItEijGAH4mt5LtsTLv9C3117Cti"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e64508f9350b59-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png

104.21.70.253

200 OK

44 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 2038 x 728, 8-bit/color RGBA, non-interlaced
Size
44 kB (43597 bytes)
Hash
7385ff746ad38c8d244e3c5ee4a939a1
2bf171af67d57e5ed098473551ab9a4729051136
9d16ffd0a510eaf5e7a8509f0c02c7d26bc8b65675f2be5aba15d8094c00269a

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:18 GMT
content-type: image/png
content-length: 43597
last-modified: Thu, 02 May 2024 09:37:49 GMT
etag: "66335eed-aa4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 152015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGvvsRXrxw4NNXxnfMxqb7%2BpUqkfrtU6TTxVHDrXt8tHsBT8MJr3E2F%2BIRhhZJ5WM%2BENCxd1L4NlBjv7WLBfXiqmlqJ7MlCW7h8sR%2FZ9sY8bHCeu0gIm2h8D%2Fbaa4gbo009mb95E0xwz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e64508f9380b59-OSL
alt-svc: h3=":443"; ma=86400

supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fanimate.css&l=78693&fd=44

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fanimate.css&l=78693&fd=44
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fanimate.css&l=78693&fd=44 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=44

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=44
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=44 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.yourwebbars.com/sb/notifications/gambling/unibet/social-box-confetti/1/index.html

104.26.6.19

200 OK

1.3 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/unibet/social-box-confetti/1/index.html
IP
104.26.6.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.3 kB (1337 bytes)
Hash
901ff8c558bc4861832dfbddf78ab7a3
97da1f43e3d63c195a9e0961aec099bccef7f28c
a4414b760c15140f8ddbcb2dc85e95bc17bd54102cdc3f93d42b589e34ed4c89

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: text/html
last-modified: Thu, 02 May 2024 09:41:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQ%2FZ55abExDnO10N7OZwdy9Jd8sFAAM1NuOi2DDQUtgo%2F3P4Ele7yKs1Ot74QNsXrBCaRY4mfo%2F6ukwMhPRC09kLfU%2BhjVqctFtfRQ5aJJtFLZt%2BILxh%2BcR1t3XPKFk%2FBaRkR7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e645044c2ab50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:40:35 GMT
expires: Fri, 02 May 2025 22:40:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 112783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 187518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

supposedbrand.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVIsb17t%2FeLFFF%2BOTIxcZSAQAIpzK%2B9DJ7bWc3s3J5dRURCoTto0q6%2Fs2MFIgR%2FAAk6B6WwFMlH5QK3tCCkdCB0F4sTr5j3vve9kb755n255Y9IFZ4eXnjfbCqt6VJ9May8%2FXEUna6sqtT3K%2F1W40YjPl2xvXfbjcXwncolydfNUjWMwjAKo8qysjIx%2FaUJCZU9aEeL7XAxri5G9Rh9%2B3%2FsfABHA4jeEXkFSoznHwcnofgIafeHC9Kt5yY7dbHrNc2NRU%2Fsfpiup6ZI0Z2ViQ2QpLvH0zDuYPkhTLozlQvT%2B2%2BQqTEJnjwES3ePRYL1tqc6mYZMwcSLKHojSD2CoiNwcxtKHBCAC1xZQ9q9d8XYgm48Z%2BmEHZP5Z39BFWMy%2F9tJpN3vz2nVr1w32ufKpA79pITqj6A6I2R%2BD%2FnmHFSxB55%2FASWekqVnq0i722tOGyhx%2BFY1prUGq9cWJJO1hViKaKEdx2IhbLNaldUjEbXl1CClRlDJCFoOQN0JeBfAqwA%2BCeCzAF1xWOFRFDVDwWnYanNeE03JGiKMaDOJaBQ2WvB88oYB8mwArgfg9hYyewvr6uuD%2Bnuw%2Fme4myWcCOBygp4oUUiCwhEUlKBQBEVOUPTKHaFd1ZX3hHaeRce5epxr5dDknS26Y%2FKOTAmoHcCKcis7Ii9PPfz7jUtYl4eVkFaTNktkQqui3maNZquaNOMWk5K3k1oo4dT988sLtThu3Qih3ByoC7CpxuS1lVeRqTF54e4%2FYHQPTu%2BBqwDUvwlalKA3S2ymuxu5WzSphDAlsnwe%2BUawpY%2FI61MVa7c9JN8nxwFuS2S2xOfqMUFH3xleMwXZvmYKR35cy3LVVZt08svXc5rL4NvLcqMwVqxccIP7Z%2FmEmJQPPpAuX6WpUGnHke%2FOKSGkXTaWS%2FLTivtIsqve3Tznbeqz1avnl1e6mZXOKZOOQNXBxbvgakxeevTpdH1PffI7lB3B%2BhJdP1OqzB54dgsum%2FWcIbB6hlkWoPDl0FbZrKkVgZYzTFkJJ%2FfP%2FPLZ2a%2Bal5%2BAyf1HfzznhpZOblNVbrk76Ng50Pw20m6Jni3R0yWoHsD5E8M8s%2Ftnfq1NA0zPDZm2c9tMW%2F3N1OTJ4eDUYaUWiiaTiWwyGdfjRHLB6nUW8oSzmmi1OHI3TupP%2F%2FwXAAD%2F%2FwEAAP%2F%2FY%2Fx01ZgEAAA%3D

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
supposedbrand.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVIsb17t%2FeLFFF%2BOTIxcZSAQAIpzK%2B9DJ7bWc3s3J5dRURCoTto0q6%2Fs2MFIgR%2FAAk6B6WwFMlH5QK3tCCkdCB0F4sTr5j3vve9kb755n255Y9IFZ4eXnjfbCqt6VJ9May8%2FXEUna6sqtT3K%2F1W40YjPl2xvXfbjcXwncolydfNUjWMwjAKo8qysjIx%2FaUJCZU9aEeL7XAxri5G9Rh9%2B3%2FsfABHA4jeEXkFSoznHwcnofgIafeHC9Kt5yY7dbHrNc2NRU%2Fsfpiup6ZI0Z2ViQ2QpLvH0zDuYPkhTLozlQvT%2B2%2BQqTEJnjwES3ePRYL1tqc6mYZMwcSLKHojSD2CoiNwcxtKHBCAC1xZQ9q9d8XYgm48Z%2BmEHZP5Z39BFWMy%2F9tJpN3vz2nVr1w32ufKpA79pITqj6A6I2R%2BD%2FnmHFSxB55%2FASWekqVnq0i722tOGyhx%2BFY1prUGq9cWJJO1hViKaKEdx2IhbLNaldUjEbXl1CClRlDJCFoOQN0JeBfAqwA%2BCeCzAF1xWOFRFDVDwWnYanNeE03JGiKMaDOJaBQ2WvB88oYB8mwArgfg9hYyewvr6uuD%2Bnuw%2Fme4myWcCOBygp4oUUiCwhEUlKBQBEVOUPTKHaFd1ZX3hHaeRce5epxr5dDknS26Y%2FKOTAmoHcCKcis7Ii9PPfz7jUtYl4eVkFaTNktkQqui3maNZquaNOMWk5K3k1oo4dT988sLtThu3Qih3ByoC7CpxuS1lVeRqTF54e4%2FYHQPTu%2BBqwDUvwlalKA3S2ymuxu5WzSphDAlsnwe%2BUawpY%2FI61MVa7c9JN8nxwFuS2S2xOfqMUFH3xleMwXZvmYKR35cy3LVVZt08svXc5rL4NvLcqMwVqxccIP7Z%2FmEmJQPPpAuX6WpUGnHke%2FOKSGkXTaWS%2FLTivtIsqve3Tznbeqz1avnl1e6mZXOKZOOQNXBxbvgakxeevTpdH1PffI7lB3B%2BhJdP1OqzB54dgsum%2FWcIbB6hlkWoPDl0FbZrKkVgZYzTFkJJ%2FfP%2FPLZ2a%2Bal5%2BAyf1HfzznhpZOblNVbrk76Ng50Pw20m6Jni3R0yWoHsD5E8M8s%2Ftnfq1NA0zPDZm2c9tMW%2F3N1OTJ4eDUYaUWiiaTiWwyGdfjRHLB6nUW8oSzmmi1OHI3TupP%2F%2FwXAAD%2F%2FwEAAP%2F%2FY%2Fx01ZgEAAA%3D
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSedUxFgUApQIB0BQVIsb17t%2FeLFFF%2BOTIxcZSAQAIpzK%2B9DJ7bWc3s3J5dRURCoTto0q6%2Fs2MFIgR%2FAAk6B6WwFMlH5QK3tCCkdCB0F4sTr5j3vve9kb755n255Y9IFZ4eXnjfbCqt6VJ9May8%2FXEUna6sqtT3K%2F1W40YjPl2xvXfbjcXwncolydfNUjWMwjAKo8qysjIx%2FaUJCZU9aEeL7XAxri5G9Rh9%2B3%2FsfABHA4jeEXkFSoznHwcnofgIafeHC9Kt5yY7dbHrNc2NRU%2Fsfpiup6ZI0Z2ViQ2QpLvH0zDuYPkhTLozlQvT%2B2%2BQqTEJnjwES3ePRYL1tqc6mYZMwcSLKHojSD2CoiNwcxtKHBCAC1xZQ9q9d8XYgm48Z%2BmEHZP5Z39BFWMy%2F9tJpN3vz2nVr1w32ufKpA79pITqj6A6I2R%2BD%2FnmHFSxB55%2FASWekqVnq0i722tOGyhx%2BFY1prUGq9cWJJO1hViKaKEdx2IhbLNaldUjEbXl1CClRlDJCFoOQN0JeBfAqwA%2BCeCzAF1xWOFRFDVDwWnYanNeE03JGiKMaDOJaBQ2WvB88oYB8mwArgfg9hYyewvr6uuD%2Bnuw%2Fme4myWcCOBygp4oUUiCwhEUlKBQBEVOUPTKHaFd1ZX3hHaeRce5epxr5dDknS26Y%2FKOTAmoHcCKcis7Ii9PPfz7jUtYl4eVkFaTNktkQqui3maNZquaNOMWk5K3k1oo4dT988sLtThu3Qih3ByoC7CpxuS1lVeRqTF54e4%2FYHQPTu%2BBqwDUvwlalKA3S2ymuxu5WzSphDAlsnwe%2BUawpY%2FI61MVa7c9JN8nxwFuS2S2xOfqMUFH3xleMwXZvmYKR35cy3LVVZt08svXc5rL4NvLcqMwVqxccIP7Z%2FmEmJQPPpAuX6WpUGnHke%2FOKSGkXTaWS%2FLTivtIsqve3Tznbeqz1avnl1e6mZXOKZOOQNXBxbvgakxeevTpdH1PffI7lB3B%2BhJdP1OqzB54dgsum%2FWcIbB6hlkWoPDl0FbZrKkVgZYzTFkJJ%2FfP%2FPLZ2a%2Bal5%2BAyf1HfzznhpZOblNVbrk76Ng50Pw20m6Jni3R0yWoHsD5E8M8s%2Ftnfq1NA0zPDZm2c9tMW%2F3N1OTJ4eDUYaUWiiaTiWwyGdfjRHLB6nUW8oSzmmi1OHI3TupP%2F%2FwXAAD%2F%2FwEAAP%2F%2FY%2Fx01ZgEAAA%3D HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc41e7d564c2cff4eca3e094162154b0
Strict-Transport-Security: max-age=0; includeSubdomains

supposedbrand.com/pixel/sbs?c=1

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
supposedbrand.com/pixel/sbs?c=1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

en.yts-official.mx/static/yts/images/website/icon-search.svg

172.67.202.34

200 OK

894 B

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/icon-search.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
894 B (894 bytes)
Hash
9caad64a555d10c835c1e121b53743b0
5db8cc1d36d939a65725c4869ebec8cc0b5ce9e3
fa70e1614aed8ae3b0463b4d9884de60fd528951a068e6a13a60a329ef93face

HTTP Headers

GET /static/yts/images/website/icon-search.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-37e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zc8UeZ1bpVsQFiUPznoQTfaI3dWtzgkFz3UGNDo2XX4lvUgySnW%2FT2lnjUO27NtO9hKYJIvN6kOFQP7BwksU18LuqeWmaRpsDdLVRoY%2BiY3qhJgZUm%2BJtInIFUGUKpcmV5drAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fb0f37b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js

104.21.70.253

200 OK

2.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text, with very long lines (2166), with no line terminators
Size
2.1 kB (2087 bytes)
Hash
d03d3715eba0248148e75bfc156ba3b0
5b059e47186d91abd93ffb14486b8ba7ab8b236e
94a5c3dd45a88ab88b016d042320040eda5b662a261f02bf56b5be60cefc923d

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 09:40:33 GMT
etag: W/"66335f91-827"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 76776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhRlu%2BmwukYiTi3atyD%2BlL1t%2BMtk41gO12ohLsCAhVB%2Ff5VvRiYAor3ghkzeJiBzTd1Clk7WR1thfT6v1ZR6il8nevgLu5yvJw2FhZzcH85PhxTgG0soEpAMyzcMLvah1JW%2FxOl8MvnN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e645085d3156bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/images/website/select-arrows.svg

172.67.202.34

200 OK

615 B

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/select-arrows.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
615 B (615 bytes)
Hash
2380d25896bd0a9ef1f19fd67606323c
f67225bc11897e30f07c5dc6f3702035f8a193af
842f6e07aa5c466a76efdabfe4c271153511a29c8f49aa5b3ac5bdf4a77d8596

HTTP Headers

GET /static/yts/images/website/select-arrows.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:16 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-267"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qc72jlYlMEAYtlA7GNUi%2BjjLc5ZU5Jn3DlhDMHzGSPM2bau5qs5PBOxfj26l1NwTueojoL0Aq9x6R1%2FaogS7dD5%2F%2BDr8ukAW6IfDZufH9LVfAOmkJIQZNotvkU%2Fs20WxSkah4LU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e644fb0f3cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fstyle.css&l=4574&fd=44

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
supposedbrand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fstyle.css&l=4574&fd=44
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerLet's Encrypt
Subjectsupposedbrand.com
FingerprintFB:D5:90:17:3B:8A:41:95:9B:5B:7A:FF:E0:B6:22:8C:65:87:5C:E0
ValidityTue, 30 Apr 2024 15:30:02 GMT - Mon, 29 Jul 2024 15:30:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fstyle.css&l=4574&fd=44 HTTP/1.1
Host: supposedbrand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=24a36b53-ebe3-4ed1-944d-09b32b51d19e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec0a2f9bfefa2d59b6782f748beec9f30e=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 06:00:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 06:00:18 GMT
date: Sat, 04 May 2024 06:00:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

en.yts-official.mx/static/yts/fonts/fonts.css

172.67.202.34

200 OK

1.3 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/fonts/fonts.css
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
ASCII text, with very long lines (1384), with no line terminators
Size
1.3 kB (1316 bytes)
Hash
0ea9baa4ec422b74a6cf6ef7cd998e7b
28edd12415ade93ae8ce77cc26054ec487d73508
a284eec07f7cc18bb397bffc2b34b52f8bacde6198dc1eaeef2924ac61190bb4

HTTP Headers

GET /static/yts/fonts/fonts.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
vary: Accept-Encoding
etag: W/"65d2c88f-524"
expires: Sat, 04 May 2024 08:41:26 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 33529
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbrU%2BmULaSYVv%2FZTrJzHVftw66z62Z8nB2F%2FPDE71A9bX8GaIm7GoRTI2sNijVUjJEfaL64ks6NZ8bbcHz7YJh6hcWKCvE5AqtfruZoSnWjWaSCWZ9HiQtJt4%2FHYXiGRte%2FTWJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e644f9ee26b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css

104.21.70.253

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
5982c5377696d20476871062646b253f
8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: text/css
last-modified: Fri, 02 Feb 2024 15:34:04 GMT
etag: W/"65bd0b6c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 76776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxtDN3NVZzyXWS6V3n19WgW1SjFHL%2BXUMOvMOOMQf9EH6o6ZYvYXaS8ChXYY6FZtXZXDMRvsQplhtBR7t%2FleyiO3LBzaGLGSzfcvcIiOaGX7XRKVfpA%2FeQ435cfAJXu1zIbn3i0h6X6Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e645085d2356bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Size
20 kB (20040 bytes)
Hash
a61c670a24d6794a95a9712f0d12b656
c9b3114b27790109ec51508f51f1a033ccfe0812
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

HTTP Headers

GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:08:55 GMT
expires: Fri, 02 May 2025 22:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
age: 114680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css

104.21.70.253

200 OK

4.6 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (4815), with no line terminators
Size
4.6 kB (4574 bytes)
Hash
ab7e3d592710bc5d68878132471549f9
3975776d3abd50dc18c840e1a1f317dc827319e7
516fc5ac38d09fe484efeca0477e161ab0fdeebfa92d767c8312dedbe870ce2d

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 09:36:08 GMT
etag: W/"66335e88-11de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 76776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WrtEJ6oWyLMaOmWozEf9Pqb8sb5VfENmWFWQeS2x27f%2FvmmZgdm5SJDXaI0B0Af4KJ8UHNNLlkaBXOFne7JUlnFCIUpsoN7fixbp2p6wM0jr74V00jyePaNZCcqQzcq0mVrwUYHkFaY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e645085d2b56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Size
20 kB (20040 bytes)
Hash
a61c670a24d6794a95a9712f0d12b656
c9b3114b27790109ec51508f51f1a033ccfe0812
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

HTTP Headers

GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:08:55 GMT
expires: Fri, 02 May 2025 22:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
age: 114680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/style/modded1.js?yify=1

172.67.202.34

200 OK

163 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/style/modded1.js?yify=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65452)
Size
163 kB (162596 bytes)
Hash
60de675fcd2844a3ffbb68550d303076
8a53cc2f554a8ef1f58f3fd1996a3c3552ea5472
1c821bdab262418e3742bfa3c295c3b668724f7e8898b45638958a898bd93d33

HTTP Headers

GET /static/yts/style/modded1.js?yify=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:15 GMT
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 03:18:38 GMT
vary: Accept-Encoding
etag: W/"65d2c88e-27b24"
expires: Sat, 04 May 2024 06:02:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 43037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wt380HyNfSGnSYgBjRFb2G19aL1oPrhjPDOskhmk2NII%2FMkEisc62bXBy3mrZQfW2iBQiwGp1WHj2rilIRcqZbworJWj9N4PrNEGlzZhecXGLh6p67S9psrMwgvB16uuYbo%2FfXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e644fa3e8db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png

172.67.202.34

200 OK

7.0 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced
Size
7.0 kB (6973 bytes)
Hash
f87afcf11d459620ff02da6112365db2
d09e6d4e7db706569474bfb7ec93f31ccbd6ed69
a70913fad67537f16d871e4c456c8f4484106f6d4ef3e12fa3c3b2eceefee508

HTTP Headers

GET /static/yts/image/apple-touch-icon-180x180.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=fantasy&keyword=&order_by=latest&page=4&quality=all&rating=0&year=1980-1989
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=24a36b53-ebe3-4ed1-944d-09b32b51d19e%3A3%3A1; pp_main_b1270e96b85c3dd200807d09a940c676=1; sb_page_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_onpage_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_main_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_count_0a2f9bfefa2d59b6782f748beec9f30e=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 06:00:17 GMT
content-type: image/png
content-length: 6973
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-1b3d"
expires: Thu, 30 May 2024 16:30:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 307801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwjN9Nu%2BhF%2BUA4mMTX1nGZJmY9N4e9dmLc5JLI9HjzlFTllSaVjcLwfSXUEeJhgwRQoxdGmN8WttEUHQ8ieqZB0LGo8aN9tGN1FxqLxu2juOc8fwTUC7a4pIawQ%2FCZaSIQLxdvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e64502ae0bb4f7-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (62)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size