Report - 123movies-la.com/movie/fallout-season-1/

Report Overview

Submitted URL
123movies-la.com/movie/fallout-season-1/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 23:17:27
Access
public
Website Title
(1) New Message!
Final URL
w0.123movies-la.com/movie/fallout-season-1/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i1.wp.com	6037	1997-03-28	2012-09-27	2024-05-03	943 B	91 kB	192.0.77.2
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-05-02	483 B	776 B	45.133.44.3
allowsmelodramaticswindle.com	unknown	2024-04-30	2024-05-01	2024-05-03	2.3 kB	1.9 kB	192.243.61.227
23.redirects.store	unknown	unknown	No data	No data	498 B	76 kB	104.21.39.90
i0.wp.com	3021	1997-03-28	2013-09-17	2024-05-04	3.2 kB	583 kB	192.0.77.2
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-04	676 B	1.9 kB	143.204.53.97
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	522 B	17 kB	216.58.207.227
w0.123movies-la.com	unknown	unknown	No data	No data	6.4 kB	131 kB	172.67.178.46
banishafreshconjunction.com	unknown	2024-03-28	2024-03-31	2024-04-18	1.4 kB	52 kB	172.240.127.234
hoardpastimegolf.com	unknown	2024-04-29	2024-04-29	2024-05-03	5.1 kB	11 kB	172.240.108.76
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-03	2.8 kB	184 kB	188.114.96.1
addresseepaper.com	18169	2021-11-01	2021-11-01	2024-02-26	405 B	246 B	3.64.163.50
123movies-la.com	unknown	unknown	No data	No data	496 B	76 kB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-03	426 B	102 kB	142.250.74.72
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-04	1.3 kB	1.3 kB	18.185.9.67
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	428 B	41 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	416 B	1.8 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	banishafreshconjunction.com	Sinkholed
2024-05-04	medium	banishafreshconjunction.com	Sinkholed
2024-05-04	medium	banishafreshconjunction.com	Sinkholed
2024-05-04	medium	hoardpastimegolf.com	Sinkholed
2024-05-04	medium	hoardpastimegolf.com	Sinkholed
2024-05-04	medium	allowsmelodramaticswindle.com	Sinkholed
2024-05-04	medium	allowsmelodramaticswindle.com	Sinkholed
2024-05-04	medium	hoardpastimegolf.com	Sinkholed
2024-05-04	medium	addresseepaper.com	Sinkholed
2024-05-04	medium	allowsmelodramaticswindle.com	Sinkholed
2024-05-04	medium	allowsmelodramaticswindle.com	Sinkholed
2024-05-04	medium	hoardpastimegolf.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	unknown	247 B	2024-05-05	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen1 Hash 1279d357fb91825f744112951c9dd638 3eee086d745391581460877e0ba039a81ea2f298 e1ddc986f9f7c2518763000e875b8c5a7e5a49d3df4ba7cc3b139dd604991f10 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	w0.123movies-la.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-18
Pretty URL w0.123movies-la.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.178.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-18 14:10:37 Times Seen44327 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	586 B	2024-01-09	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-09 19:52:13 Last Seen2024-05-18 10:59:34 Times Seen20 Hash d20a31cdd35137d05d297dfcfdd40685 6257549c2aae5dc213daa9ca564ec2d520e07975 5683f1793f9e8c349a1710b81f69529cd14995f03dcfcee2aba4d59899ea2107 Loading...

	w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-05	2024-05-05
Pretty URL w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.178.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen2 Hash c59d928b171de6fac3c0677cea460da8 3a340df8479049a71e7b99f2949dfde43a9d3ba1 7751f978cf7271f51272b7793aad92e8a7bf2a05a6adf1f80a137fa9346706b0 Loading...

	unknown	153 B	2024-05-05	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-15 17:28:54 Times Seen2 Hash 80f3bd3ff878f70a8b3f95bb641ed366 33bb93722062706cc5c78845c80b4f7a960b7e6d e42edb46dcaede4da3da4cbdb2130b527959993f78aea8af95cdb3ffe92f2bce Loading...

	banishafreshconjunction.com/89/ab/21/89ab21fd5e23690514167a08b906efa4.js	45 kB	2024-05-05	2024-05-05
Pretty URL banishafreshconjunction.com/89/ab/21/89ab21fd5e23690514167a08b906efa4.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen2 Hash fa2c5345db00929b4e22178ce8b3b774 1cafa964b9c297371e80e89ac4ce3167b4b5dcc9 ff49bf2ca2ad01558f3bc814bcb49f4d034d2186b94dc7ff8b520a4d2f22853d Loading...

	banishafreshconjunction.com/f0/54/67/f05467e9f36c51475b64860bccf43bdc.js	44 kB	2024-04-18	2024-05-18
Pretty URL banishafreshconjunction.com/f0/54/67/f05467e9f36c51475b64860bccf43bdc.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:52:34 Last Seen2024-05-18 10:59:35 Times Seen32 Hash 9e4393bd095995f2259ee8f3b49f16c0 af1126d9372a30245c89d0666eae033a7b79536f 879d23ad460570c9e7270edad780c42779a39a2935130e205a07e18fcba3edc1 Loading...

	banishafreshconjunction.com/8f/b4/7e/8fb47e6668b7fa2d208541541b49d522.js	45 kB	2024-05-05	2024-05-05
Pretty URL banishafreshconjunction.com/8f/b4/7e/8fb47e6668b7fa2d208541541b49d522.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen2 Hash 8847bd4e15342d60a064eb738872e5b7 5b19f6c031347adaedcc7685d4d6e6b66fa222ea 4df32abd7499301c27424704178039036f667c032d13ea7e86e1361545f1bfa4 Loading...

	cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js	87 kB	2023-03-07	2024-05-18
Pretty URL cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 13:32:53 Times Seen67779 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	unknown	437 B	2024-05-04	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 11:49:52 Last Seen2024-05-18 10:59:34 Times Seen7 Hash 6551b7d77b128e74d7f9bde71d542987 fe589ed87c021677ce56a3e1fabc62beabaf7ffd 9e8313d2892010b966266f76152355fb706f888c420ae6cf7d37674b3ee702a9 Loading...

	w0.123movies-la.com/movie/fallout-season-1/	1.1 kB	2024-05-05	2024-05-05
Pretty URL w0.123movies-la.com/movie/fallout-season-1/ IP 172.67.178.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen1 Hash d51a928c58b3354883b02271a8d5bbf8 c93c3710e8d368af86ce7b20e91307a152de609e 6bb844c3cdfc046ada3bf6272a7985a14a2a74ef70de9340f3a57ecf8ae91b08 Loading...

	w0.123movies-la.com/js/app.min.2.js	64 kB	2023-12-23	2024-05-18
Pretty URL w0.123movies-la.com/js/app.min.2.js IP 172.67.178.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-23 23:46:52 Last Seen2024-05-18 10:59:34 Times Seen39 Hash 95fcaba0e70babdf8718fe7ed294ce05 08de5e47487e68c11f78010c43a346da1c32cf7a 5577efa0234ac4f57f5a86064d4c8eaf66398e9b60b4be2b86587ac21c5f89fe Loading...

	www.googletagmanager.com/gtag/js?id=G-Y6045YTREM	306 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-Y6045YTREM IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen2 Hash 280e0884f18fe6a24f4c85482a4a0350 a086b67691064448f9a99c2479dad93224407d7b 905bc95b7b0a35527ce308b06dc502aa91e0d28d4b98813065a6d03e1fdcc69b Loading...

	w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-05	2024-05-05
Pretty URL w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.178.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:17:34 Last Seen2024-05-05 01:17:34 Times Seen1 Hash 547425d3f79d6e039e3d25a9860d21c4 0f48df65bb90ebb21880a30ab006d8377c212435 14c6eef0d710265ac2eb902a2e7e8ca57c2813fec7ede0e70005d0a90995bc01 Loading...

HTTP Transactions (50)

URL IP Response Size

i1.wp.com/image.tmdb.org/t/p/w1280/4d0tMAk49gqbVwgvtQjCriBwyb8.jpg

192.0.77.2

200 OK

71 kB

URL GET HTTP/2
i1.wp.com/image.tmdb.org/t/p/w1280/4d0tMAk49gqbVwgvtQjCriBwyb8.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
71 kB (71170 bytes)
Hash
b1c5077edbbfed620fec039ffffe05da
663a227a42c5050b87b220e3aac2c0721163159f
f8d23fb71684594fa8f7e29ccd066b26ce32285a3d3237c1f55807ceb63b7fd8

HTTP Headers

GET /image.tmdb.org/t/p/w1280/4d0tMAk49gqbVwgvtQjCriBwyb8.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 71170
last-modified: Thu, 11 Apr 2024 03:10:45 GMT
expires: Sat, 11 Apr 2026 15:10:45 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w1280/4d0tMAk49gqbVwgvtQjCriBwyb8.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "480d907164f4b270"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.178.46

302 Found

0 B

URL GET HTTP/3
w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 23:17:00 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTTuQ371zpWzHcC3XBg37XbrQuJhFOeFokfjFTXlvFLYVZubH5A%2F5VtAM3b4O8wM6O49zNWJUWfVdNZUN2rId7vbZpZV5TKTMrfAgZQRcxSCT55s6VIdaieX5rtPKv0cRMnlgEXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a46f51569d-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-Y6045YTREM

142.250.74.72

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-Y6045YTREM
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101589 bytes)
Hash
280e0884f18fe6a24f4c85482a4a0350
a086b67691064448f9a99c2479dad93224407d7b
905bc95b7b0a35527ce308b06dc502aa91e0d28d4b98813065a6d03e1fdcc69b

HTTP Headers

GET /gtag/js?id=G-Y6045YTREM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 23:17:00 GMT
expires: Sat, 04 May 2024 23:17:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c

172.67.178.46

200 OK

0 B

URL POST HTTP/3
w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12190
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=lw96e5qVF_PIZ_rMGFyX8D9oV4SnBvo_6bSPmdnK25E-1714864620-1.0.1.1-CLy.O8J6GjRqDI4t5o6MeqUN56Q7lLrNyn1ZWC0hCaCZbXck1zrbUw_YI37gTJmv3RFZBzONcNlpZb9o2DB3Zw; path=/; expires=Sun, 04-May-25 23:17:00 GMT; domain=.123movies-la.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLl8ZbDaVDe6GL1jhZD8qP4CuwExMEAf3oWpmxvuxakXI7mb4jcCMaFOaoNARBdHZTa9j6ubmRixzOniDUtUiyqY74uBI45qTGVKulPJWCPIMxaiZY2T2IS7S6rkzqS6Skp1C%2FEK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a5a843569d-OSL
alt-svc: h3=":443"; ma=86400

w0.123movies-la.com/movie/fallout-season-1/

172.67.178.46

200 OK

41 kB

URL User Request GET HTTP/2
w0.123movies-la.com/movie/fallout-season-1/
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (33750)
Size
41 kB (40632 bytes)
Hash
56114a4b4c2f0af274b96e974db6e308
ae0abb8834ec1abfa95673b87e7011e2e5958741
27f0be301cced5ac6ce0f247ed2204db2c1d1f53e3c92865fbe6d5e623a87333

HTTP Headers

GET /movie/fallout-season-1/ HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:16:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.18, PleskLin
cache-control: max-age=600, private, must-revalidate
expires: Sun, 05 May 2024 00:16:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4QBAwcIqRh%2BSjYz4mDwwNBX%2Fk0BmNTv21KgmYXCTXRGN%2FPoL8DwPq%2FaGyaUVzjzgYZhkNd2mEblSym123xjIiwjIwD%2FICYrwaomy8BLaAAT4TeBmrjkiQBsetKCicKpPsPn9%2B0s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a0bfbe569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i1.wp.com/image.tmdb.org/t/p/w300/AnsSKR9LuK0T9bAOcPVA3PUvyWj.jpg

192.0.77.2

200 OK

18 kB

URL GET HTTP/3
i1.wp.com/image.tmdb.org/t/p/w300/AnsSKR9LuK0T9bAOcPVA3PUvyWj.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (18446 bytes)
Hash
9357413d03be0603376b9b4fa25a78a7
dd24850b4d8c4cab2c60b00a0506f9644b4230bd
f6af0bc1b151bbff1ea331ab772728f4427e591b1d499661ec66760f77818f88

HTTP Headers

GET /image.tmdb.org/t/p/w300/AnsSKR9LuK0T9bAOcPVA3PUvyWj.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 18446
last-modified: Wed, 10 Apr 2024 17:05:10 GMT
expires: Sat, 11 Apr 2026 05:05:10 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/AnsSKR9LuK0T9bAOcPVA3PUvyWj.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b493d3db49acdfe2"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

i0.wp.com/image.tmdb.org/t/p/w300/f7l8NXBKxUsSgvWxwKoZd6NxiIT.jpg

192.0.77.2

200 OK

15 kB

URL GET HTTP/3
i0.wp.com/image.tmdb.org/t/p/w300/f7l8NXBKxUsSgvWxwKoZd6NxiIT.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
15 kB (15100 bytes)
Hash
24267596caeac1716b3605731b09049d
5916cc25ba13f7757642917dbb60871fda9dd303
e4d65e6197d28208c03436593cccf9fe24666cfdebf5246339a50f5099d33613

HTTP Headers

GET /image.tmdb.org/t/p/w300/f7l8NXBKxUsSgvWxwKoZd6NxiIT.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/jpeg
content-length: 15100
last-modified: Sun, 31 Mar 2024 09:22:59 GMT
expires: Tue, 31 Mar 2026 21:22:59 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/f7l8NXBKxUsSgvWxwKoZd6NxiIT.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0430d680cdd56c0a"
x-optim-disabled: true
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

i0.wp.com/image.tmdb.org/t/p/w300/3rLknxwAK5VSUNWnquVncf9jrrj.jpg

192.0.77.2

200 OK

12 kB

URL GET HTTP/3
i0.wp.com/image.tmdb.org/t/p/w300/3rLknxwAK5VSUNWnquVncf9jrrj.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11720 bytes)
Hash
b455f7783e4903f7ae32267841e61932
b30adb3205344d6f16b7b82577d2876ece141870
389df92bd71cd14bd97c932b6c18d30467192c8a74b74b7ab223a4f136699400

HTTP Headers

GET /image.tmdb.org/t/p/w300/3rLknxwAK5VSUNWnquVncf9jrrj.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 11720
last-modified: Tue, 09 Apr 2024 02:07:35 GMT
expires: Thu, 09 Apr 2026 14:07:35 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/3rLknxwAK5VSUNWnquVncf9jrrj.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "aaeeff896c4acbb4"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

i0.wp.com/image.tmdb.org/t/p/w300/7Bttz4hEspKlpU0Me57dkHNR3nf.jpg

192.0.77.2

200 OK

10 kB

URL GET HTTP/3
i0.wp.com/image.tmdb.org/t/p/w300/7Bttz4hEspKlpU0Me57dkHNR3nf.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp
Size
10 kB (9982 bytes)
Hash
d64fb5ee0125d78f40cec47c3cd9e501
0cc2818a5b65b8a810c23125fc0140d14b78b4c9
178930f6d5ad290b6d94c2f5a9fb8478f077773d5ecdcda562dd17b8d82845ed

HTTP Headers

GET /image.tmdb.org/t/p/w300/7Bttz4hEspKlpU0Me57dkHNR3nf.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 9982
last-modified: Sat, 17 Feb 2024 03:14:20 GMT
expires: Mon, 16 Feb 2026 15:14:20 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/7Bttz4hEspKlpU0Me57dkHNR3nf.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7cb597e7875217d9"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

i0.wp.com/image.tmdb.org/t/p/w300/kmikHeliwwKqdO9jobRx5qNEkaM.jpg

192.0.77.2

200 OK

20 kB

URL GET HTTP/3
i0.wp.com/image.tmdb.org/t/p/w300/kmikHeliwwKqdO9jobRx5qNEkaM.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x441, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (19720 bytes)
Hash
cb22965dfe686f4731048eb1cc8c59f8
6be10f890ef52c04241930ae709382a28e7b376e
43d5ffc18aba5fe763919fb46351d2bbd8372a3027263371cfb9aeb3a5eb0c88

HTTP Headers

GET /image.tmdb.org/t/p/w300/kmikHeliwwKqdO9jobRx5qNEkaM.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 19720
last-modified: Sat, 20 Apr 2024 09:10:10 GMT
expires: Mon, 20 Apr 2026 21:10:10 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/kmikHeliwwKqdO9jobRx5qNEkaM.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5ee453921b1f76b0"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

i0.wp.com/image.tmdb.org/t/p/original/xHqJxnP7X6R7hX75hI5twkASwfI.jpg

192.0.77.2

200 OK

523 kB

URL GET HTTP/3
i0.wp.com/image.tmdb.org/t/p/original/xHqJxnP7X6R7hX75hI5twkASwfI.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x2880, Scaling: [none]x[none], YUV color, decoders should clamp
Size
523 kB (523274 bytes)
Hash
4eb56dce7da503e5a74ae671c1f0adca
b346da0e6d89699256044bf55fcf3d3dbc308109
388b1b756ff0468fefbb15fcd7157c64af0e82642fecf134e2f875c491705231

HTTP Headers

GET /image.tmdb.org/t/p/original/xHqJxnP7X6R7hX75hI5twkASwfI.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/webp
content-length: 523274
last-modified: Thu, 04 Apr 2024 15:57:56 GMT
expires: Sun, 05 Apr 2026 03:57:56 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/original/xHqJxnP7X6R7hX75hI5twkASwfI.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3eeb14f778ed51f1"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *

banishafreshconjunction.com/89/ab/21/89ab21fd5e23690514167a08b906efa4.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
banishafreshconjunction.com/89/ab/21/89ab21fd5e23690514167a08b906efa4.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectbanishafreshconjunction.com
FingerprintF1:A1:E3:40:51:C5:ED:65:2A:31:52:99:37:D1:E7:F3:4C:49:34:6E
ValidityThu, 28 Mar 2024 20:08:05 GMT - Wed, 26 Jun 2024 20:08:04 GMT

File type
JavaScript source, ASCII text, with very long lines (45316), with no line terminators
Size
16 kB (15983 bytes)
Hash
fa2c5345db00929b4e22178ce8b3b774
1cafa964b9c297371e80e89ac4ce3167b4b5dcc9
ff49bf2ca2ad01558f3bc814bcb49f4d034d2186b94dc7ff8b520a4d2f22853d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /89/ab/21/89ab21fd5e23690514167a08b906efa4.js HTTP/1.1
Host: banishafreshconjunction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Wed, 08 May 2024 02:17:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c08a9adc59a6f9b1b6e3457dacd28adf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

banishafreshconjunction.com/f0/54/67/f05467e9f36c51475b64860bccf43bdc.js

172.240.127.234

200 OK

18 kB

URL GET HTTP/1.1
banishafreshconjunction.com/f0/54/67/f05467e9f36c51475b64860bccf43bdc.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectbanishafreshconjunction.com
FingerprintF1:A1:E3:40:51:C5:ED:65:2A:31:52:99:37:D1:E7:F3:4C:49:34:6E
ValidityThu, 28 Mar 2024 20:08:05 GMT - Wed, 26 Jun 2024 20:08:04 GMT

File type
JavaScript source, ASCII text, with very long lines (43624), with no line terminators
Size
18 kB (17598 bytes)
Hash
9e4393bd095995f2259ee8f3b49f16c0
af1126d9372a30245c89d0666eae033a7b79536f
879d23ad460570c9e7270edad780c42779a39a2935130e205a07e18fcba3edc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f0/54/67/f05467e9f36c51475b64860bccf43bdc.js HTTP/1.1
Host: banishafreshconjunction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d52e8966de688666df53d98e16ce1396
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

w0.123movies-la.com/images/apple-touch-icon.png

172.67.178.46

200 OK

1.1 kB

URL GET HTTP/3
w0.123movies-la.com/images/apple-touch-icon.png
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced
Size
1.1 kB (1074 bytes)
Hash
333558579aefc8cc27d37033e7f8ab49
e8593694ca34c1e71b2723062eb27a5450e898bd
69c215d17b01f220d6dd8340d7f926c095e29246ee51f990086cf772114dafe6

HTTP Headers

GET /images/apple-touch-icon.png HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Cookie: cf_clearance=lw96e5qVF_PIZ_rMGFyX8D9oV4SnBvo_6bSPmdnK25E-1714864620-1.0.1.1-CLy.O8J6GjRqDI4t5o6MeqUN56Q7lLrNyn1ZWC0hCaCZbXck1zrbUw_YI37gTJmv3RFZBzONcNlpZb9o2DB3Zw; srv=1; _ga_Y6045YTREM=GS1.1.1714864620.1.0.1714864620.0.0.0; _ga=GA1.1.350000532.1714864621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/png
content-length: 1074
last-modified: Thu, 25 Apr 2024 15:45:48 GMT
etag: "432-616edae5a2693"
cache-control: public, max-age=2592000
expires: Thu, 30 May 2024 23:16:45 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 345615
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkV2JdyXLsj0IBU5B5JWRZleCoWpJW1df1sxPqVWjBVfOpFudTLx2DujK8SdjHyI6k482u15%2FdlELfhgrWTLpT%2FqHMXCZ8DTj4tl1v2vlWT4j2Ggl0iw9SnP7%2Bj0QFo9loh18FOC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a7c96e569d-OSL
alt-svc: h3=":443"; ma=86400

w0.123movies-la.com/images/favicon-16x16.png

172.67.178.46

200 OK

981 B

URL GET HTTP/3
w0.123movies-la.com/images/favicon-16x16.png
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
981 B (981 bytes)
Hash
177d1f0dd6679bb43940ddac73fb1536
209b0418f0ee3326c2a04bcd4323609c9b53bb4c
a2755ad99cc64b44c51de91575b72ddafda7a609dd60de1636c4f07f150067b1

HTTP Headers

GET /images/favicon-16x16.png HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Cookie: cf_clearance=lw96e5qVF_PIZ_rMGFyX8D9oV4SnBvo_6bSPmdnK25E-1714864620-1.0.1.1-CLy.O8J6GjRqDI4t5o6MeqUN56Q7lLrNyn1ZWC0hCaCZbXck1zrbUw_YI37gTJmv3RFZBzONcNlpZb9o2DB3Zw; srv=1; _ga_Y6045YTREM=GS1.1.1714864620.1.0.1714864620.0.0.0; _ga=GA1.1.350000532.1714864621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/png
content-length: 981
last-modified: Thu, 25 Apr 2024 15:45:48 GMT
etag: "3d5-616edae5a1ec3"
cache-control: public, max-age=2592000
expires: Thu, 30 May 2024 18:54:47 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 361333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BQUSUBRMlE1NukathIhqzsOHEcxN7%2FPuQ4fuGSdbP9Gu54mkqKhJ1X4%2BGs3NuVFXGQLQWex1AMXhwKX8vjGurjJjl0UvtX04BJ5WOaI%2FHmr8JnwhSfoDaVPtnP0FOfizEcwkJOj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a7c96f569d-OSL
alt-svc: h3=":443"; ma=86400

w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.178.46

302 Found

0 B

URL GET HTTP/3
w0.123movies-la.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=lw96e5qVF_PIZ_rMGFyX8D9oV4SnBvo_6bSPmdnK25E-1714864620-1.0.1.1-CLy.O8J6GjRqDI4t5o6MeqUN56Q7lLrNyn1ZWC0hCaCZbXck1zrbUw_YI37gTJmv3RFZBzONcNlpZb9o2DB3Zw; srv=1; _ga_Y6045YTREM=GS1.1.1714864620.1.0.1714864620.0.0.0; _ga=GA1.1.350000532.1714864621; ppu_show_on_f05467e9f36c51475b64860bccf43bdc=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 23:17:00 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uwo200NZjVIbdytnVWPpDQlppNM9NDf8PULNSgQZKv3JHeIZRIfuTcT4ge%2FXv%2FEasqTjSOLHfVvNsFmP57viNJtZS5FM47M73MAvkHyqL8L6uOZJ2dJ3vi9VgGgMxWGe8osBIrg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a819ab569d-OSL
alt-svc: h3=":443"; ma=86400

banishafreshconjunction.com/8f/b4/7e/8fb47e6668b7fa2d208541541b49d522.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
banishafreshconjunction.com/8f/b4/7e/8fb47e6668b7fa2d208541541b49d522.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectbanishafreshconjunction.com
FingerprintF1:A1:E3:40:51:C5:ED:65:2A:31:52:99:37:D1:E7:F3:4C:49:34:6E
ValidityThu, 28 Mar 2024 20:08:05 GMT - Wed, 26 Jun 2024 20:08:04 GMT

File type
JavaScript source, ASCII text, with very long lines (45369), with no line terminators
Size
16 kB (16010 bytes)
Hash
8847bd4e15342d60a064eb738872e5b7
5b19f6c031347adaedcc7685d4d6e6b66fa222ea
4df32abd7499301c27424704178039036f667c032d13ea7e86e1361545f1bfa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8f/b4/7e/8fb47e6668b7fa2d208541541b49d522.js HTTP/1.1
Host: banishafreshconjunction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Wed, 08 May 2024 02:17:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e8f88e42a8298376262b320fb17105c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
691c3f87e4fe41a736328d3c71e2dbdc
fd76f455b38ba18f00a6fb81e3585201eb3c43f6
8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 23:17:00 GMT
Last-Modified: Sat, 04 May 2024 22:03:47 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FqDzeBlK8sEOCZNIdlP4rRawuV7VjwS45RCn_xA73s3VRvGVWX48_g==
Age: 4393

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
691c3f87e4fe41a736328d3c71e2dbdc
fd76f455b38ba18f00a6fb81e3585201eb3c43f6
8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 23:17:00 GMT
Last-Modified: Sat, 04 May 2024 22:31:45 GMT
Server: ECAcc (ska/F73A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mfCR9nq6ZjPdCqp6-NqSDSJLrGxQj1OX9mGMiU97RxyVN159j3T-ZA==
Age: 2715

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0e3474511ba8739a0de0e571112d5100
b2b4d631763b02f7fee04bc7d553d13919fe0546
bf7144adbde8adecdd0b39d1ae29d471cdf7de894c60b094f1f24ddfeda1adcf

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://w0.123movies-la.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb:3:1; expires=Tue, 02 May 2034 23:17:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
740ea376801a297ee5f3a46851f1d2f6
2aaf0d97a0a75b993a64fc59eb78fd01c06044c1
1689b3d0c1fb3e73930f25e7e9bc8845aa8965d7b793d2ad2ec9f07e3ac8e21c

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://w0.123movies-la.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7bc74e50-57f1-4537-bffe-1ddde22ddcbb:2:1; expires=Tue, 02 May 2034 23:17:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c

172.67.178.46

200 OK

0 B

URL POST HTTP/3
w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87ec33a0bfbe569c HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12189
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Cookie: cf_clearance=lw96e5qVF_PIZ_rMGFyX8D9oV4SnBvo_6bSPmdnK25E-1714864620-1.0.1.1-CLy.O8J6GjRqDI4t5o6MeqUN56Q7lLrNyn1ZWC0hCaCZbXck1zrbUw_YI37gTJmv3RFZBzONcNlpZb9o2DB3Zw; srv=1; _ga_Y6045YTREM=GS1.1.1714864620.1.0.1714864620.0.0.0; _ga=GA1.1.350000532.1714864621; ppu_show_on_f05467e9f36c51475b64860bccf43bdc=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=gWcZQfIUDHCxUhLrqFVj_570PsHE3b9fHIUjkoOjvZk-1714864620-1.0.1.1-YLRBcR5UCA_i9EZE0MXwD7fiUIdjTpos7LOh6xVwfmxyoQN97OHdT8dAbQMX_F.DQB8nSQd7oeb6bFRjybfCLg; path=/; expires=Sun, 04-May-25 23:17:00 GMT; domain=.123movies-la.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2s5lNuYaMJEu8Vwr5rAJcMtsscCAO8Pn%2BVR5Q3KKMK69mGc28cDvJKQeQTAmeRmjqezOKaS4aRevlgnusPOKJ44360XJD1VsureCCraMu5pf3eref4cw9L7LtGxjetP%2FDvQgyXr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a92a9b569d-OSL
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
6a04d65885dc53f33c7f1b843a597b81
e2c69cc9d045d06eefef50f9d35126a036e1dec8
737f6f9099d074318279f296e1dd7fe20074cd94c2d5714bd7167d357eb2362d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://w0.123movies-la.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e85d0afc-80aa-4c94-b4de-b8e3ca51cee8:1:1; expires=Tue, 02 May 2034 23:17:01 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

40 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
40 kB (40272 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:01 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e5307aebd01f2483d298aa7e4f55f20b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 23:17:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R60WojaDRNqUjP1viLSadUccShHuB3IURSdQQ0opCUQF1bebtJ%2B5ZJYQvRrBxgOQJ%2BC6zQWt0HfejXd8QOsaXjTu9IJBYZYru%2FFh0YjjlCIvAQ30pFZ6uxlAbXp2IuVq4Oj3iPQf0wEHh2Na%2Fy817g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a93ae456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hoardpastimegolf.com/sbar.json?key=89ab21fd5e23690514167a08b906efa4&psid=CF-3448_1&uuid=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb%3A3%3A1

172.240.108.76

200 OK

8.1 kB

URL GET HTTP/1.1
hoardpastimegolf.com/sbar.json?key=89ab21fd5e23690514167a08b906efa4&psid=CF-3448_1&uuid=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb%3A3%3A1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjecthoardpastimegolf.com
FingerprintF5:0F:63:9B:DB:38:72:C3:A6:87:C8:B7:A3:11:3B:2B:1B:FA:AE:88
ValidityMon, 29 Apr 2024 08:13:22 GMT - Sun, 28 Jul 2024 08:13:21 GMT

File type
JSON text data
Size
8.1 kB (8080 bytes)
Hash
d58897073b508f85cec0fec45958f0a9
e0a6fb6cc1c5c0fd220387bece05414c180855da
b707f0a6fdff08ec32259a622a826feb50791c3eb5d4278566f9b30ee0678a76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=89ab21fd5e23690514167a08b906efa4&psid=CF-3448_1&uuid=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb%3A3%3A1 HTTP/1.1
Host: hoardpastimegolf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:01 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://w0.123movies-la.com
Access-Control-Allow-Origin: https://w0.123movies-la.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18719635; expires=Sun, 05 May 2024 23:17:01 GMT; secure; SameSite=None
uid_id2=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb:3:1; expires=Sat, 11 May 2024 23:17:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 23:17:01 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 23:17:01 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 23:17:01 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 23:17:01 GMT; secure; SameSite=None
slec89ab21fd5e23690514167a08b906efa4=[5210994,5210995]; expires=Sat, 04 May 2024 23:17:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef77db3559fc7256060d06940699027a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hoardpastimegolf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE7293T0zNjDov5sxJcsyFRFCKE6qrqSTnVXU1V9%2FRkT9GA5Dgq4rX3m02W6CIGvBp1dkFhQdjxtIfsyaN6EXPwJDMuWXyHeu%2FV9xV89b330XpxQHwUdP%2FCm3pNKkUXm3W39vK7nne2tiLTYlAbtMMbYXC2ZvqvdsK6%2B0rtdcF6etF3Pdf1XK%2B2LI2I9WBxCkJmWx2v3nHrgV%2F3mgEG5r%2B9LRxY6oD3D8iLkHwyv%2BOcgGRjpMnXF4Tt5To7czEpFM21QZ9vvp32Ul2mSI7K2DiI081DNrTdW34End6byYXuPyVGckKcHx8hSjcPRSLqb8x0RgoiRcSfQ9kfQ6gxJB2D6TuQfI8AjOPyKtLk%2FmVtSnrrX5RO0QmZf%2FInZDkh849PIE2%2BOqfkoHZNqyKXOrUYxBXkYAzZHSMrtpGvzUGW22D5h5D8Z7L4ZAVpsrFqlYbk%2B6e54J2gzaKFphfwhYD6wQLt0GAhYE3hirBF23E0M0jKMWQ8hhJDUHsMhXVQSAdF7KDIHCR8v8Y8z2u5nFG33WGswVsiCrnr0VbsUc8N2yjY9A9D5NkQTA3BzG1k5jZ68uO9%2BhZM8T3szQqWO7A5QZ9XKAVBaQlKSlBKgjInKPvVPa6sb6v7XNki8g6zf5gb1Ujn3XV6T%2BddkRJQM4Th1Xp2QF6YeuicGn2KntivtTs08r2YN4XfCDtu0wu8sEXddtRxQxHTAFY%2BOL%2B80AiC9g0P0s6BWgdrckJqP72ETE7I8f%2FniOg2rNoGkw5ocQq0rEBvVlhLH3p%2BI9F9KWxshKhLVoDrClk%2Bj%2FyWs64OyMnZTFfvGAi2u%2FT3N6Nnr48%2BAzMVMlPhfblD0FV3R1d1STau6tKSh6tZLhO5RqfzvpbTXBz%2F4g1xq9SGX7pghw9eY1NgWm69JWy%2BQlMu064lX56TnAuzrA0T5NtL9h0RXSnszXOFSYts5cr55UtJZoS1UqdjULl38XMwOSHPf%2FfebJHPXP8V0oxhigpJsUsOA1Jvg2W3YbPdpT92fmO9ZxisJjDqiBNlDsqiGhk%2FOrpUkkCJo55GFazYXfrrg%2F%2Bdfrx4EpF4asfI0OlrKqt1exddMwea30GaVOibCn1VgaohbHFslGdmd%2BmXxiwQqblRpMzcRqSM%2BmRm8vSwsHK%2F1mo0XBp2ml6rRUUrCvx2HHqcUj8I%2FTCkDeR2Eoc%2F%2FP4PAAAA%2F%2F8BAAD%2F%2FyJqcXGiBAAA

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
hoardpastimegolf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE7293T0zNjDov5sxJcsyFRFCKE6qrqSTnVXU1V9%2FRkT9GA5Dgq4rX3m02W6CIGvBp1dkFhQdjxtIfsyaN6EXPwJDMuWXyHeu%2FV9xV89b330XpxQHwUdP%2FCm3pNKkUXm3W39vK7nne2tiLTYlAbtMMbYXC2ZvqvdsK6%2B0rtdcF6etF3Pdf1XK%2B2LI2I9WBxCkJmWx2v3nHrgV%2F3mgEG5r%2B9LRxY6oD3D8iLkHwyv%2BOcgGRjpMnXF4Tt5To7czEpFM21QZ9vvp32Ul2mSI7K2DiI081DNrTdW34End6byYXuPyVGckKcHx8hSjcPRSLqb8x0RgoiRcSfQ9kfQ6gxJB2D6TuQfI8AjOPyKtLk%2FmVtSnrrX5RO0QmZf%2FInZDkh849PIE2%2BOqfkoHZNqyKXOrUYxBXkYAzZHSMrtpGvzUGW22D5h5D8Z7L4ZAVpsrFqlYbk%2B6e54J2gzaKFphfwhYD6wQLt0GAhYE3hirBF23E0M0jKMWQ8hhJDUHsMhXVQSAdF7KDIHCR8v8Y8z2u5nFG33WGswVsiCrnr0VbsUc8N2yjY9A9D5NkQTA3BzG1k5jZ68uO9%2BhZM8T3szQqWO7A5QZ9XKAVBaQlKSlBKgjInKPvVPa6sb6v7XNki8g6zf5gb1Ujn3XV6T%2BddkRJQM4Th1Xp2QF6YeuicGn2KntivtTs08r2YN4XfCDtu0wu8sEXddtRxQxHTAFY%2BOL%2B80AiC9g0P0s6BWgdrckJqP72ETE7I8f%2FniOg2rNoGkw5ocQq0rEBvVlhLH3p%2BI9F9KWxshKhLVoDrClk%2Bj%2FyWs64OyMnZTFfvGAi2u%2FT3N6Nnr48%2BAzMVMlPhfblD0FV3R1d1STau6tKSh6tZLhO5RqfzvpbTXBz%2F4g1xq9SGX7pghw9eY1NgWm69JWy%2BQlMu064lX56TnAuzrA0T5NtL9h0RXSnszXOFSYts5cr55UtJZoS1UqdjULl38XMwOSHPf%2FfebJHPXP8V0oxhigpJsUsOA1Jvg2W3YbPdpT92fmO9ZxisJjDqiBNlDsqiGhk%2FOrpUkkCJo55GFazYXfrrg%2F%2Bdfrx4EpF4asfI0OlrKqt1exddMwea30GaVOibCn1VgaohbHFslGdmd%2BmXxiwQqblRpMzcRqSM%2BmRm8vSwsHK%2F1mo0XBp2ml6rRUUrCvx2HHqcUj8I%2FTCkDeR2Eoc%2F%2FP4PAAAA%2F%2F8BAAD%2F%2FyJqcXGiBAAA
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjecthoardpastimegolf.com
FingerprintF5:0F:63:9B:DB:38:72:C3:A6:87:C8:B7:A3:11:3B:2B:1B:FA:AE:88
ValidityMon, 29 Apr 2024 08:13:22 GMT - Sun, 28 Jul 2024 08:13:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE7293T0zNjDov5sxJcsyFRFCKE6qrqSTnVXU1V9%2FRkT9GA5Dgq4rX3m02W6CIGvBp1dkFhQdjxtIfsyaN6EXPwJDMuWXyHeu%2FV9xV89b330XpxQHwUdP%2FCm3pNKkUXm3W39vK7nne2tiLTYlAbtMMbYXC2ZvqvdsK6%2B0rtdcF6etF3Pdf1XK%2B2LI2I9WBxCkJmWx2v3nHrgV%2F3mgEG5r%2B9LRxY6oD3D8iLkHwyv%2BOcgGRjpMnXF4Tt5To7czEpFM21QZ9vvp32Ul2mSI7K2DiI081DNrTdW34End6byYXuPyVGckKcHx8hSjcPRSLqb8x0RgoiRcSfQ9kfQ6gxJB2D6TuQfI8AjOPyKtLk%2FmVtSnrrX5RO0QmZf%2FInZDkh849PIE2%2BOqfkoHZNqyKXOrUYxBXkYAzZHSMrtpGvzUGW22D5h5D8Z7L4ZAVpsrFqlYbk%2B6e54J2gzaKFphfwhYD6wQLt0GAhYE3hirBF23E0M0jKMWQ8hhJDUHsMhXVQSAdF7KDIHCR8v8Y8z2u5nFG33WGswVsiCrnr0VbsUc8N2yjY9A9D5NkQTA3BzG1k5jZ68uO9%2BhZM8T3szQqWO7A5QZ9XKAVBaQlKSlBKgjInKPvVPa6sb6v7XNki8g6zf5gb1Ujn3XV6T%2BddkRJQM4Th1Xp2QF6YeuicGn2KntivtTs08r2YN4XfCDtu0wu8sEXddtRxQxHTAFY%2BOL%2B80AiC9g0P0s6BWgdrckJqP72ETE7I8f%2FniOg2rNoGkw5ocQq0rEBvVlhLH3p%2BI9F9KWxshKhLVoDrClk%2Bj%2FyWs64OyMnZTFfvGAi2u%2FT3N6Nnr48%2BAzMVMlPhfblD0FV3R1d1STau6tKSh6tZLhO5RqfzvpbTXBz%2F4g1xq9SGX7pghw9eY1NgWm69JWy%2BQlMu064lX56TnAuzrA0T5NtL9h0RXSnszXOFSYts5cr55UtJZoS1UqdjULl38XMwOSHPf%2FfebJHPXP8V0oxhigpJsUsOA1Jvg2W3YbPdpT92fmO9ZxisJjDqiBNlDsqiGhk%2FOrpUkkCJo55GFazYXfrrg%2F%2Bdfrx4EpF4asfI0OlrKqt1exddMwea30GaVOibCn1VgaohbHFslGdmd%2BmXxiwQqblRpMzcRqSM%2BmRm8vSwsHK%2F1mo0XBp2ml6rRUUrCvx2HHqcUj8I%2FTCkDeR2Eoc%2F%2FP4PAAAA%2F%2F8BAAD%2F%2FyJqcXGiBAAA HTTP/1.1
Host: hoardpastimegolf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Cookie: u_pl=18719635; uid_id2=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec89ab21fd5e23690514167a08b906efa4=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 329ca1f6083925f08c26e259e52123ed
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 230 x 253, 8-bit colormap, non-interlaced
Size
12 kB (11963 bytes)
Hash
b1f546ae7b0fbf8f3d19946146456d8a
37792f4d6fb3482b3d0281139a61e2e426fa3056
2a0b851026a70a5da3b5f2fe9e7f5d098c4126c035a68de8e90f8408bab6fd33

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: image/png
content-length: 11963
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: "65aa847c-2ebb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 370742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPMP%2FTRiTzX7B70bfgMwJ6g0g0zX0B571iDyQogzlITFO3CsnOYOdBz5eC8jHxlvBEnKynm1BrunZ5hV63c7efbDtJyKc18x2udJd%2B%2BVWH9mvq20JED7LKX6KfW4PKnW42PRAmPdc5xC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33b01ce256bd-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1047 bytes)
Hash
369850b9873659adf0951d845f57dba1
a64257186daa33b6b318943a457b6cf8d80b26b6
9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1659844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6QVICjJ8mV9KJiV%2FhE8eY%2BgubkUJ%2B1ft4LcJlLYr07%2FUhQJnUVF4BP%2B3PoAzJ3pipSRmXwJ62X1PhM0rukoj3C8zJ4gdg0e2eq5mg895i49MblsnXVR09nhX1FqcJgsYUeYhg5bXxsN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33b01ce056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1188 bytes)
Hash
d7f194b9ecb48cc1f7732aa11f657af8
78bf4b130952a61d8c6c199b28ba35e75efc5521
5d1db349bd4390728870488442f17c7eb56399a95005b3d423dc2dfdce5c0454

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 23:17:02 GMT
date: Sat, 04 May 2024 23:17:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html

45.133.44.3

200 OK

390 B

URL GET HTTP/2
cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
HTML document, ASCII text
Size
390 B (390 bytes)
Hash
89030df8dfefc9995e67f1f9a10cb67b
611d80cdbb1f16813ad8863e6c52b92226631de1
9309425dbe10398bf47b54d2328097cc6d65c4d56a7ed83afa15c468389b4c86

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:01 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-465"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 05 May 2024 00:17:01 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=40

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=40
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectallowsmelodramaticswindle.com
Fingerprint6C:2F:35:6B:A6:2B:D6:CB:51:92:E6:81:B3:98:25:B6:5A:B8:26:42
ValidityTue, 30 Apr 2024 15:29:17 GMT - Mon, 29 Jul 2024 15:29:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=40 HTTP/1.1
Host: allowsmelodramaticswindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=16

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=16
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectallowsmelodramaticswindle.com
Fingerprint6C:2F:35:6B:A6:2B:D6:CB:51:92:E6:81:B3:98:25:B6:5A:B8:26:42
ValidityTue, 30 Apr 2024 15:29:17 GMT - Mon, 29 Jul 2024 15:29:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=16 HTTP/1.1
Host: allowsmelodramaticswindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

hoardpastimegolf.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE72z3T888cFvNnJbhmQ6IoRAj1ryflVHc1Vd3Tkz1FA5LjqIjX3m82WaKLGPBq1NkFhQVhx9MesieP6kXMwZPMuGTxHeq9V99X8NX33kfr%2BQGpIaf7F940a0prutio%2BpWX3w2Cs5UVleSDyqDdvNEMz1Zs%2F9VOs%2Bq%2FUnld8p5ZrPmB7wd%2BUFlWVkZmsDgFodKtTlDt%2BNWwVg0aIQb2v73LPTjqQfQPyItQYjK%2F452A4mMk8dcXpOtlJj1zMc41zYxFX2y%2BnfQSUySIj8rIeoiSzUM2jNtbfgST3JvJhek%2FJTI1Id6Pj8CSzUORYP2NmU6mIRMw8RyK%2FhhSj6HoGNzcgRJ7BOACl1eRxPcvG1vQW%2F%2BidIpOyPyTP6GKCZl%2FfAJJ%2FNU5rQaVa0bnmTKJwyAqoQZjqO4Yab6NbG0OqtgGzz6EEj%2BTxScrSOKNVacNlNg%2FLaTohG3OFhpBKBZCWgsXaIeGCyFvSF82W7QdsZlBSo2hojG0HIK6Y8idh1x5yCMPeeohFvsVHgRByxec%2Bu0O53XRkqwp%2FIC2ooAGfrONnE%2F%2FMESWDsH1ENzeRmpvo6c%2B3qtuwebfw90s4YQHlxH0RYlCEhSOoKAEhSIoMoKiX94T2tVceV9ol7PgMNcOc70cmay7Tu%2BZrCsTAmqHsKJcTw%2FIC1MPvVOjT9GT%2B5V2h7JaEImGrNWbHb8RhEGzRf026%2FhNGdEQTj04v7xQD8P2jQDKzYE6D2tqQio%2FvYRUTcjx%2F2dgdBtOb4MrDzQ%2FBVqUoDdLrCUPg1o9Nn0lXWSlrCqeQ5gSaTaP7Ja3rg%2FIydlMV%2B9YSL679Pc3o2evjz4DtyVSW%2BJ9tUPQ1XdHV01BNq6awpGHq2mmYrVGp%2FO%2BltFMHv%2FiDXmrMFZcuuCGD17jU2Babr0lXbZCE6GSriNfnlNCSLtsLJfk20vuHcmu5O7mudwmebpy5fzypTi10jllkjGo2rv4ObiakOe%2Fe2%2B2yGeu%2Fwplx7B5iTjfJYcBZbbB09tw6e7SHzu%2F8d4zHM4QWH3EYamHIi9HtsaOLrUi0PKop6yEk7tLf33wv9OPF0%2BCyad2jCydvqaqXHd30bVzoNkdJHGJvi3R1yWoHsLlx0ZZaneXfqnPAkzPjZi2cxtMW%2F3JzOTp4eDUfqXuixaTkWwxGTbCSHLBGg3m84izumi3OTI3iZo%2F%2FP4PAAAA%2F%2F8BAAD%2F%2F6K%2BpJmiBAAA

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
hoardpastimegolf.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE72z3T888cFvNnJbhmQ6IoRAj1ryflVHc1Vd3Tkz1FA5LjqIjX3m82WaKLGPBq1NkFhQVhx9MesieP6kXMwZPMuGTxHeq9V99X8NX33kfr%2BQGpIaf7F940a0prutio%2BpWX3w2Cs5UVleSDyqDdvNEMz1Zs%2F9VOs%2Bq%2FUnld8p5ZrPmB7wd%2BUFlWVkZmsDgFodKtTlDt%2BNWwVg0aIQb2v73LPTjqQfQPyItQYjK%2F452A4mMk8dcXpOtlJj1zMc41zYxFX2y%2BnfQSUySIj8rIeoiSzUM2jNtbfgST3JvJhek%2FJTI1Id6Pj8CSzUORYP2NmU6mIRMw8RyK%2FhhSj6HoGNzcgRJ7BOACl1eRxPcvG1vQW%2F%2BidIpOyPyTP6GKCZl%2FfAJJ%2FNU5rQaVa0bnmTKJwyAqoQZjqO4Yab6NbG0OqtgGzz6EEj%2BTxScrSOKNVacNlNg%2FLaTohG3OFhpBKBZCWgsXaIeGCyFvSF82W7QdsZlBSo2hojG0HIK6Y8idh1x5yCMPeeohFvsVHgRByxec%2Bu0O53XRkqwp%2FIC2ooAGfrONnE%2F%2FMESWDsH1ENzeRmpvo6c%2B3qtuwebfw90s4YQHlxH0RYlCEhSOoKAEhSIoMoKiX94T2tVceV9ol7PgMNcOc70cmay7Tu%2BZrCsTAmqHsKJcTw%2FIC1MPvVOjT9GT%2B5V2h7JaEImGrNWbHb8RhEGzRf026%2FhNGdEQTj04v7xQD8P2jQDKzYE6D2tqQio%2FvYRUTcjx%2F2dgdBtOb4MrDzQ%2FBVqUoDdLrCUPg1o9Nn0lXWSlrCqeQ5gSaTaP7Ja3rg%2FIydlMV%2B9YSL679Pc3o2evjz4DtyVSW%2BJ9tUPQ1XdHV01BNq6awpGHq2mmYrVGp%2FO%2BltFMHv%2FiDXmrMFZcuuCGD17jU2Babr0lXbZCE6GSriNfnlNCSLtsLJfk20vuHcmu5O7mudwmebpy5fzypTi10jllkjGo2rv4ObiakOe%2Fe2%2B2yGeu%2Fwplx7B5iTjfJYcBZbbB09tw6e7SHzu%2F8d4zHM4QWH3EYamHIi9HtsaOLrUi0PKop6yEk7tLf33wv9OPF0%2BCyad2jCydvqaqXHd30bVzoNkdJHGJvi3R1yWoHsLlx0ZZaneXfqnPAkzPjZi2cxtMW%2F3JzOTp4eDUfqXuixaTkWwxGTbCSHLBGg3m84izumi3OTI3iZo%2F%2FP4PAAAA%2F%2F8BAAD%2F%2F6K%2BpJmiBAAA
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjecthoardpastimegolf.com
FingerprintF5:0F:63:9B:DB:38:72:C3:A6:87:C8:B7:A3:11:3B:2B:1B:FA:AE:88
ValidityMon, 29 Apr 2024 08:13:22 GMT - Sun, 28 Jul 2024 08:13:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReu3mx%2B%2FNSDKDkZAnPIQSE72z3T888cFvNnJbhmQ6IoRAj1ryflVHc1Vd3Tkz1FA5LjqIjX3m82WaKLGPBq1NkFhQVhx9MesieP6kXMwZPMuGTxHeq9V99X8NX33kfr%2BQGpIaf7F940a0prutio%2BpWX3w2Cs5UVleSDyqDdvNEMz1Zs%2F9VOs%2Bq%2FUnld8p5ZrPmB7wd%2BUFlWVkZmsDgFodKtTlDt%2BNWwVg0aIQb2v73LPTjqQfQPyItQYjK%2F452A4mMk8dcXpOtlJj1zMc41zYxFX2y%2BnfQSUySIj8rIeoiSzUM2jNtbfgST3JvJhek%2FJTI1Id6Pj8CSzUORYP2NmU6mIRMw8RyK%2FhhSj6HoGNzcgRJ7BOACl1eRxPcvG1vQW%2F%2BidIpOyPyTP6GKCZl%2FfAJJ%2FNU5rQaVa0bnmTKJwyAqoQZjqO4Yab6NbG0OqtgGzz6EEj%2BTxScrSOKNVacNlNg%2FLaTohG3OFhpBKBZCWgsXaIeGCyFvSF82W7QdsZlBSo2hojG0HIK6Y8idh1x5yCMPeeohFvsVHgRByxec%2Bu0O53XRkqwp%2FIC2ooAGfrONnE%2F%2FMESWDsH1ENzeRmpvo6c%2B3qtuwebfw90s4YQHlxH0RYlCEhSOoKAEhSIoMoKiX94T2tVceV9ol7PgMNcOc70cmay7Tu%2BZrCsTAmqHsKJcTw%2FIC1MPvVOjT9GT%2B5V2h7JaEImGrNWbHb8RhEGzRf026%2FhNGdEQTj04v7xQD8P2jQDKzYE6D2tqQio%2FvYRUTcjx%2F2dgdBtOb4MrDzQ%2FBVqUoDdLrCUPg1o9Nn0lXWSlrCqeQ5gSaTaP7Ja3rg%2FIydlMV%2B9YSL679Pc3o2evjz4DtyVSW%2BJ9tUPQ1XdHV01BNq6awpGHq2mmYrVGp%2FO%2BltFMHv%2FiDXmrMFZcuuCGD17jU2Babr0lXbZCE6GSriNfnlNCSLtsLJfk20vuHcmu5O7mudwmebpy5fzypTi10jllkjGo2rv4ObiakOe%2Fe2%2B2yGeu%2Fwplx7B5iTjfJYcBZbbB09tw6e7SHzu%2F8d4zHM4QWH3EYamHIi9HtsaOLrUi0PKop6yEk7tLf33wv9OPF0%2BCyad2jCydvqaqXHd30bVzoNkdJHGJvi3R1yWoHsLlx0ZZaneXfqnPAkzPjZi2cxtMW%2F3JzOTp4eDUfqXuixaTkWwxGTbCSHLBGg3m84izumi3OTI3iZo%2F%2FP4PAAAA%2F%2F8BAAD%2F%2F6K%2BpJmiBAAA HTTP/1.1
Host: hoardpastimegolf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Cookie: u_pl=18719635; uid_id2=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec89ab21fd5e23690514167a08b906efa4=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c34673b7c6472639eddbb9bc38150c82
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css

188.114.96.1

200 OK

505 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
505 B (505 bytes)
Hash
09e402648e8c3edf74a22296eec8ed6e
50f3fccaf2074366bd61b4925cdad604f951c17b
4cf2b716e0c42dfcdbb8bb614c9011874da5d744edc1db3a9bc9bea28e13301d

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-59a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 74606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeLF934g8Wkh%2FdQEjIKsC6NBZnCTdiMIGejlNruEtcxqAgpJhIEi1HER2HhCp2E%2Bm7LU9XkO%2BAgx%2FWzJ7lgwi09j2OLg9ry4Kr2h%2FboKgG%2BHLBbiwROt2oid5A%2FITsdXegEm%2FBwO0v8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33af7b7ab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 49705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

172.67.178.46

200 OK

3.7 kB

URL GET HTTP/3
w0.123movies-la.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
JavaScript source, ASCII text, with very long lines (7764), with no line terminators
Size
3.7 kB (3703 bytes)
Hash
c59d928b171de6fac3c0677cea460da8
3a340df8479049a71e7b99f2949dfde43a9d3ba1
7751f978cf7271f51272b7793aad92e8a7bf2a05a6adf1f80a137fa9346706b0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q070v5PTFFaFKdu390U3GhhLtXnYXrNh2c3k%2FGD3xaOi9Ghtnh9ACk6%2F721MhJQ%2FqVLpSlc7mxaIMkw0NGQ6XSvDdCCX6wHw65vitfBUIqAWD3A3f%2FPah5lsLFS6MrmJVQC527Yf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a49f67569d-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
5982c5377696d20476871062646b253f
8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 74606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgWuo5uuytFzX2hsdQ%2F27YOEWX2Ot3Qtn5bxWKi5vmSj96WQzcY0O4tH1%2Fh5TFu%2BPzY91lw7y%2Bqa2I7pJaKFBi35fnzi6VF6uMeSFJdA%2FKVuY3P11VRmSzWxzAZ%2F0T56OvYmqiaiM13f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33af8b7eb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

w0.123movies-la.com/js/app.min.2.js

172.67.178.46

200 OK

64 kB

URL GET HTTP/3
w0.123movies-la.com/js/app.min.2.js
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
JavaScript source, ASCII text, with very long lines (63412)
Size
64 kB (63475 bytes)
Hash
95fcaba0e70babdf8718fe7ed294ce05
08de5e47487e68c11f78010c43a346da1c32cf7a
5577efa0234ac4f57f5a86064d4c8eaf66398e9b60b4be2b86587ac21c5f89fe

HTTP Headers

GET /js/app.min.2.js HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:45:48 GMT
etag: W/"f7f3-616edae5c458e-gzip"
cache-control: max-age=216000, private
expires: Sat, 11 May 2024 23:17:00 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VuQgSf%2F6WmTSmoMStQtpd0SwksvmO%2BI9ybJbUqSSbbRM0TlSKAf3FvTUL68ul4zX0PJNgKMhsF9hLrUtQ4x9nFnq4bLnookSGOd3pokOQ0VfTBcS2tZchc%2FI9vTRXwskYVVWSUkU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a46f4a569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

addresseepaper.com/sfp.js

3.64.163.50

410 Gone

113 B

URL GET HTTP/2
addresseepaper.com/sfp.js
IP
3.64.163.50:443
ASN
#16509 AMAZON-02

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectaddresseepaper.com
Fingerprint04:E2:47:07:1C:BD:EF:52:CF:38:CF:90:4A:39:37:9D:0A:C0:4F:FA
ValidityWed, 10 Apr 2024 19:36:56 GMT - Tue, 09 Jul 2024 19:36:55 GMT

File type
HTML document, ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
13fb46419b3d9afffb93787911a8ccda
10217383bb7b2385be0f150364f46e14b2861c1b
1670b2800b3b3f31fca4dbd213fd674023d54e30b7e46a6878431b586f83a8f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Sat, 04 May 2024 23:17:00 GMT
content-type: application/javascript
X-Firefox-Spdy: h2

allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=120

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=120
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectallowsmelodramaticswindle.com
Fingerprint6C:2F:35:6B:A6:2B:D6:CB:51:92:E6:81:B3:98:25:B6:5A:B8:26:42
ValidityTue, 30 Apr 2024 15:29:17 GMT - Mon, 29 Jul 2024 15:29:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=120 HTTP/1.1
Host: allowsmelodramaticswindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

w0.123movies-la.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.178.46

200 OK

12 kB

URL GET HTTP/3
w0.123movies-la.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:12:53 GMT
etag: W/"66310a75-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5sj2bp3KLUJIdGDzZ8dELJC1%2BB2DXvywDzPE%2BCX4BfkKgXapxipFCRiIU5YUvxmOzNDrtD3IWOVFm7GWjWGXMuJPNAdSE5NCYqj1AKvHZL%2FX4wethL9RlaCUT1Qtb4vX4cPqWt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33a39ecd569d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 06 May 2024 23:17:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip

23.redirects.store/movie/fallout-season-1/

104.21.39.90

301 Moved Permanently

76 kB

URL User Request GET HTTP/2
23.redirects.store/movie/fallout-season-1/
IP
104.21.39.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectredirects.store
Fingerprint2A:DF:EA:B4:13:0A:A6:25:94:4B:C3:A2:D4:95:5C:F2:A7:C2:78:FA
ValidityMon, 15 Apr 2024 13:55:20 GMT - Sun, 14 Jul 2024 13:55:19 GMT

File type

Size
76 kB (75870 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /movie/fallout-season-1/ HTTP/1.1
Host: 23.redirects.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 23:16:59 GMT
content-type: text/html; charset=iso-8859-1
location: https://w0.123movies-la.com/movie/fallout-season-1/
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dX9RMjsrStotDO27ViHWfKOsTB8syn4s8svoLsBLS%2FyQNSaqZ01uHpL3xcSrH0lO3gZlZASrfJ3KQIM84ZAKtNia54koC9ApegfMIl0wIfa%2BtP%2Fa4j6LYuU2m%2BXi9zQHtR1%2BNdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec339f595856c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js

188.114.96.1

200 OK

321 B

URL GET HTTP/3
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (343), with no line terminators
Size
321 B (321 bytes)
Hash
4f46dc256e627bbc1fa54e2996e30b25
56ff1d7676599e3d1ddbee84dad29f2a2bece6ce
6933ea1db439c96d670e6ce25bcbfa19052ce0626fee500df36d11167636d6c3

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w0.123movies-la.com
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 74604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1L6UFAzUY8GO8eP1wuw8jvhqYqrFSUALzZvnyiHGcMAEIRr6U3%2Fn0%2Fgh%2F0DNLEmdENMPSI0bcveo4rDmxrN8oGFSeacU5WkkzvLjNeCOKBMbROFEZDlMs32%2BO5cX%2BjRcQtyDcwm%2BsoV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33b07d1656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js

188.114.96.1

200 OK

87 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:02 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 370742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMQtSjlMAzEPQCmTwCYYJPqC9Os2I%2B%2FQhfPp4VD6y8krtBIXBRegZ9VPF7d8cSHwHooGl%2Bs58PVEARM6WFy21tGMsk8GO4kd0yDNEE9VUT126dCLZpMM425qh7%2BcrX9VL68Q1qb85W%2B2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec33b01ce456bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=40

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
allowsmelodramaticswindle.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=40
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjectallowsmelodramaticswindle.com
Fingerprint6C:2F:35:6B:A6:2B:D6:CB:51:92:E6:81:B3:98:25:B6:5A:B8:26:42
ValidityTue, 30 Apr 2024 15:29:17 GMT - Mon, 29 Jul 2024 15:29:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=40 HTTP/1.1
Host: allowsmelodramaticswindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

w0.123movies-la.com/images/play.svg

172.67.178.46

200 OK

407 B

URL GET HTTP/3
w0.123movies-la.com/images/play.svg
IP
172.67.178.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type
SVG Scalable Vector Graphics image
Size
407 B (407 bytes)
Hash
48505649d8cb5051e75d680c927dd550
724efb7927f1f321c51aa7f8393e1b8878dab4d6
260076e80b16802a93d1d566d2e74349da3bc0d2bb26378b6c9676390ed6b4fd

HTTP Headers

GET /images/play.svg HTTP/1.1
Host: w0.123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/movie/fallout-season-1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 23:17:00 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 15:45:48 GMT
etag: W/"197-616edae5a1ec3-gzip"
cache-control: max-age=2592000
expires: Thu, 30 May 2024 18:54:39 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 361341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANCfPXndEpeOM%2FB8%2B9iVeEyCAPB4vcOltFuEG9WzCywzKmpPLPkBSjSZ%2F%2F8mbfWGBDZkwIoeAA90%2FXAYTxmP%2FiVpu%2B93OHVeCmPkMjfGnokowVOnf5Q%2F1otrjxm7jHfyGwLtq4UC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec33a3dee3569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

123movies-la.com/movie/fallout-season-1/

188.114.96.1

301 Moved Permanently

76 kB

URL User Request GET HTTP/2
123movies-la.com/movie/fallout-season-1/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject123movies-la.com
Fingerprint1C:02:AD:3A:25:86:A1:FD:96:65:1A:8A:52:FA:9D:65:4F:5B:E6:15
ValiditySun, 07 Apr 2024 04:19:41 GMT - Sat, 06 Jul 2024 04:19:40 GMT

File type

Size
76 kB (75870 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /movie/fallout-season-1/ HTTP/1.1
Host: 123movies-la.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 23:16:59 GMT
content-type: text/html; charset=iso-8859-1
location: https://23.redirects.store/movie/fallout-season-1/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilEja7thJdY8Wbo%2BTjccluwx%2Fi%2BH69D5QD3XxjEWu%2FSwXkpgyaD87peGW6HVoEGHaMDZ8uKNugf3nMQ3CeoiQEzVQp3Q11or5v4dzYvdmLtOTgehDvzCgOyNboCG1uaOK0Z0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ec339e2f5056bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i0.wp.com/

192.0.77.2

400 Bad Request

0 B

URL GET HTTP/3
i0.wp.com/
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 400 Bad Request
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400

hoardpastimegolf.com/pixel/sbs?c=1

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
hoardpastimegolf.com/pixel/sbs?c=1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerLet's Encrypt
Subjecthoardpastimegolf.com
FingerprintF5:0F:63:9B:DB:38:72:C3:A6:87:C8:B7:A3:11:3B:2B:1B:FA:AE:88
ValidityMon, 29 Apr 2024 08:13:22 GMT - Sun, 28 Jul 2024 08:13:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: hoardpastimegolf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Cookie: u_pl=18719635; uid_id2=ded948cb-514d-4a24-a9a4-4c5e0e67a8fb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec89ab21fd5e23690514167a08b906efa4=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:17:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

i0.wp.com/

192.0.77.2

400 Bad Request

0 B

URL GET HTTP/3
i0.wp.com/
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://w0.123movies-la.com/movie/fallout-season-1/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w0.123movies-la.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 400 Bad Request
server: nginx
date: Sat, 04 May 2024 23:17:00 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash