| fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP: 216.58.207.227:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Hash: a61c670a24d6794a95a9712f0d12b656 c9b3114b27790109ec51508f51f1a033ccfe0812 a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 00:37:32 GMT
expires: Wed, 23 Apr 2025 00:37:32 GMT
cache-control: public, max-age=31536000
age: 184993
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/movies/poster/apple-music-live-jennifer-lopez-2024.jpg?v=1 | 172.67.202.34 | 200 OK | 36 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/apple-music-live-jennifer-lopez-2024.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 6b7b7314b8baf8a80fee70f34b05c3df ed79b062026393196ee9961f7a35fe2f779804b8 2245efb9d9be473821c91e215b4bd06c7285d2c258c25bf0daf7f2023ac1dfd5
GET /movies/poster/apple-music-live-jennifer-lopez-2024.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 36532
last-modified: Mon, 26 Feb 2024 22:34:07 GMT
etag: "65dd11df-8eb4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jqImnm4IzzIYGpIwMWTSg26o%2BR3sS20Z%2BPcS5uXuT1b5QrObFfhoa9IQAKznpRE6M2w0IeIfVA7fpSQE41pdyxVw532rbS3z1738RXHgDMAF82F84iwKc4%2BfCYEazkrWBmI5AA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf0e56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/palatak-1963.jpg?v=1 | 172.67.202.34 | 200 OK | 30 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/palatak-1963.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 30d0d5478e973f7c95d8b2a5baed5ba3 3f50ff3d11b7b7fff9202047e1d0ed259be0d51f 5333dc561359924631f805ee40f621cbb98f9924f8489221159fc7f27e7c414c
GET /movies/poster/palatak-1963.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 30539
last-modified: Mon, 26 Feb 2024 22:34:08 GMT
etag: "65dd11e0-774b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bo5Dee9YC8AGawHzbs1e2xJkiCmxj2Pdli4lR0wh8Y7g8cXZ%2Fxteed5ab5KECLkO59JpeLpbt5%2Fdb0iFHGX8i9xDwNDgqbQQ5lUTRS%2Bwxc8pQGiaRkG87egUi6KIphKRbeYjJ0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf0d56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 | 172.67.202.34 | 200 OK | 39 kB |
URL: User Request GET HTTP/2 en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
IP: 172.67.202.34:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: HTML document, ASCII text, with very long lines (1734), with CRLF line terminators
Hash: 40be4052f518f3e3ffe19176238b6c28 18460e305b0e303f1fb7069ff9b437b89f14cdc3 555adb3e2a7a7928708d2b8d104c983a6dd5de80c546dfd29c541d9c1167a61d
GET /browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbyHinLu1yf932H3JO3sU%2BEtOUQCWdVgN0uNEJ9HJzIM3jtSnfnoH1CnaLZmhfzIrm8xHEbTNKhPHtJnG2LJelxHzaRgd%2BkoeHIEBoZ9UiMJdnxijvgYdr5AWw3Mk5Eyj%2FkBZAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b6d85acb0b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/movies/poster/london-2012-olympic-opening-ceremony-isles-of-wonder-2012.jpg?v=1 | 172.67.202.34 | 200 OK | 32 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/london-2012-olympic-opening-ceremony-isles-of-wonder-2012.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: a020ce70e2c8c4b2fd2fe666677168a0 103969d72083d33ff8ddb15f42030c72b6dc4657 ec1caf8f49644e6e5a3db3c137592e1216b752aa57721e51678e981b6bedec7c
GET /movies/poster/london-2012-olympic-opening-ceremony-isles-of-wonder-2012.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 31713
last-modified: Mon, 26 Feb 2024 22:33:18 GMT
etag: "65dd11ae-7be1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rnl9qMkgd5SbCv%2Bcql1pQ0E9Asddlp1pdQKKat2F4Eu84ivJgcZQ6%2B8jIvKWOX2%2BjS08AHSOJQWA0LBGS0r6LW5Tn3U%2BPW8hBMwLXcP7c8vAsUhmKUl1FROy6Gv5N5Cfao9pOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf1156b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/turtles-can-fly-2004.jpg?v=1 | 172.67.202.34 | 200 OK | 25 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/turtles-can-fly-2004.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: e1761f6de1bbf9408ff266da76f43260 f06e849f3c9a9e2f7d3dcec614c48ded04c2e979 e800a29ae96b80b7105aeff58ccdbd7b3adcd489870eb9aa33fb576cf3e55f16
GET /movies/poster/turtles-can-fly-2004.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 25292
last-modified: Sat, 24 Feb 2024 22:33:06 GMT
etag: "65da6ea2-62cc"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZS981SOFsvSC1lmRUQrl46Ayh%2FfZ5fDgWqAGUeesuI1n2iX%2BUzJAAzUPO22Ixs8KLKHcr3HpIKEgcA6%2BT%2BJOCJKrkW%2Btj64SheWRumOzk8KEzMmcsVQ%2BSbmQbJR8uLN47Q%2B064%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf1256b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/one-week-1920.jpg?v=1 | 172.67.202.34 | 200 OK | 31 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/one-week-1920.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 71c17b5d38098425edf5139517933602 7b86f4f29e12315c2a0826f6b229d4d7534fd595 531b1299886078d90af33e1e60de30a06e583ec55c987c9165e9079496ef89cd
GET /movies/poster/one-week-1920.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 30745
last-modified: Fri, 23 Feb 2024 22:33:11 GMT
etag: "65d91d27-7819"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3UcsLD7ru5m4BlszJsNIE%2BfNu2zZT%2FG%2FnUZJBVKiHSlsh7nw6NWGTCuE5aImRC%2FbSps%2F7HDI5K6OFfc3ZN8dBlVGt5lF93rO9m7ptR42kcR9jALuf2DnNQW6s3nDKA%2FbMsq%2FHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1456b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/the-snowman-1982.jpg?v=1 | 172.67.202.34 | 200 OK | 29 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/the-snowman-1982.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 22130758320929140895bd603aa04891 e4baccd619bb6552057b961dfecb87776094ba39 09bad8b820bbb7f6a02bf7e2b00dcc8ef2a9e1664faf846042d1b473e6b38f7f
GET /movies/poster/the-snowman-1982.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 29139
last-modified: Fri, 23 Feb 2024 22:33:15 GMT
etag: "65d91d2b-71d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cY%2BO1oWx26%2FmARTxvJRIklmwb9bM%2BLU7OXBNC63wzD%2F365dMSJAiZ%2FxqTjMjywqh8NeMugtCLQyXof0YCxvHRBAeSmpn35Zax0EL1DRM0wpsOPDYox8x3DBX1BmDbgCvMjxbqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1356b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/world-of-tomorrow-2015.jpg?v=1 | 172.67.202.34 | 200 OK | 24 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/world-of-tomorrow-2015.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 06788bf227e67373df32969c5e27cbf1 99d5769114c723864667a1c2bf1ca2848bdc0785 3df7152f8139873675a77a90ddcdff10dec06d16f26a96b7a06452878953c364
GET /movies/poster/world-of-tomorrow-2015.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 23469
last-modified: Fri, 23 Feb 2024 22:33:10 GMT
etag: "65d91d26-5bad"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1HIDHg4JLP3wAv1S0EGgN1URYaJ69Q55zN832stkTJZJ4IuYoucWXyOUUzYOCGlT1Er1hnJCGeIKvxh04ylSMBbpTOvoRbMbn4THMv6UfnzJrLdFNIlvXYN4v01htAw5bJvoIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1556b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/james-acaster-cold-lasagne-hate-myself-1999-2020.jpg?v=1 | 172.67.202.34 | 200 OK | 30 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/james-acaster-cold-lasagne-hate-myself-1999-2020.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: d0782670f121b3d3a9b97d766f072348 826e67e2d9661319e00cce368a994193a0514b53 38ba471578ff4efba7312b28e74293d3a34bebba61eeae68780197efde0586a6
GET /movies/poster/james-acaster-cold-lasagne-hate-myself-1999-2020.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 30496
last-modified: Thu, 22 Feb 2024 22:33:05 GMT
etag: "65d7cba1-7720"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G0jz8GutZWW7WE0zeuJdV1ps6419ozNL79U13GKW4ox4AtFD%2BzfDLO%2B9eNB6IjJZRZ15tkNCcXkSyBSCkOzsRlF7myl0z3HBgUSFVFBKu5I2k5qrIra816mDxBUQrxk0gtOnGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1856b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/pink-floyd-the-dark-side-of-the-moon-2024.jpg?v=1 | 172.67.202.34 | 200 OK | 14 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/pink-floyd-the-dark-side-of-the-moon-2024.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 34e09c8468eb2ee24dbd1c43f778316c 3beca36b6eb0179a35910ae75b301891d8f93013 0a3c18f7f88aefec77c21611c3f1ebddc1c6737fe838efee76543db220b030bd
GET /movies/poster/pink-floyd-the-dark-side-of-the-moon-2024.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 14293
last-modified: Wed, 21 Feb 2024 22:34:12 GMT
etag: "65d67a64-37d5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6I8GfACXChhRSm4m7s%2FMmERx8z1TNgK5dCL1EkavYNOTA%2BAfC5VH5WLNLzptWesQW2AhaNm85KCkNKHDLu1c6qkMdDRKkGVOl7BawPn64nwv1caJy%2BMxUT5viP1AC%2FQJ2T3%2Byk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1c56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/mash-the-comedy-that-changed-television-2024.jpg?v=1 | 172.67.202.34 | 200 OK | 30 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/mash-the-comedy-that-changed-television-2024.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 374f7dd4f32e8693c9783bda037e2b2b e8946af715261e7cdc865bdce8379da9b559aecf 92796fd2fd5b07148a2772047c39ef4b154a7600a544cb891670aaf6c1808bae
GET /movies/poster/mash-the-comedy-that-changed-television-2024.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 30222
last-modified: Wed, 21 Feb 2024 22:34:09 GMT
etag: "65d67a61-760e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bymKVRTrWOLPTBOXS7FpFkc6MFSp9ujH7C4pW4ZxBXdxCGcS9nYJIZvgNFlQfVBop0Lki6vqqQozKUtMADJv6Ys1yjI7%2FjQUG55DJEI7CpWpXBY6aj5bVZV0Ej%2B5oavmvpktRlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1d56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/pignorant-2024.jpg?v=1 | 172.67.202.34 | 200 OK | 12 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/pignorant-2024.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 81fa0aa5d19d14c3a83a7fc3a3ca0e1b ba9961b4ec62a2a7ba968ba5d662c4123bc23514 5e82006019afcf634e1ee1ef069c887b69eb61e2fc3ebe979bbe9d04b9c7b0dd
GET /movies/poster/pignorant-2024.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 11938
last-modified: Mon, 19 Feb 2024 22:34:12 GMT
etag: "65d3d764-2ea2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6AqgGefYIh89o7U9p6ot215K88nJkEklSgCIcUurd%2BrTDYdraBjurhe%2BXJbwxmoAiophWBYTVCcI9nv1uHhcPPs55Bgfn%2B8jh6wOmxa7aOzjc4c9BTlThPQimh%2F1pAfSNTb%2BO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1f56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/giannis-the-marvelous-journey-2024.jpg?v=1 | 172.67.202.34 | 200 OK | 12 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/giannis-the-marvelous-journey-2024.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: fc225a1adcf30dece8e24b28dca6f6ba 4094b9738ecfb151b2751cc7509a8be8274f5efc c8eef9a9e592d1ae01d6c0b58374203179269b6eb3ce8600aa06330352b59b5d
GET /movies/poster/giannis-the-marvelous-journey-2024.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 11792
last-modified: Mon, 19 Feb 2024 22:34:08 GMT
etag: "65d3d760-2e10"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOAO7zVj3pv8bTIsi%2BVTNBYeYkvBoyuHjGF88P06sCTuR%2FpOx5%2BKtmRuI5194J4JMH7AFxM2x4ZJI0Z4WvyxeduvYDlSDdkpF7vM40skj5zDL2tbBsqT1VRPGwhVJEn4UseMkIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf2056b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/shelter-2010.jpg?v=1 | 172.67.202.34 | 200 OK | 19 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/shelter-2010.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 90543011d1b829d54f49ed9b11e0f1cd e33ccaac342ca7b7faa569d576eed08c63f2238d 7b9d5e1f5559773f720b28e91aad026c11f459a6e2485b131f19b823f6bc11b8
GET /movies/poster/shelter-2010.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 18710
last-modified: Sun, 18 Feb 2024 22:33:59 GMT
etag: "65d285d7-4916"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MapbEyUc1iSdqYwEbUFam4DnSY%2B4Eu%2Bqs94y%2FOaGci7ebQFfJ5HMWOCQ9ZoD9WNTaoTcQrBf8XGxAGf%2FNdnrQhRDgbOW6YAii4srIIcQ9JJQV15tGncqJSUwqjZeXlPBygWhR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88df2156b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/a-pebble-in-the-pond-2022.jpg?v=1 | 172.67.202.34 | 200 OK | 33 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/a-pebble-in-the-pond-2022.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 12d74061430fbcdebcb4bc1444da7b8c 1d373214f50aa0f7a69f50583010784cf81924cd 626b5b76ed39d5b077a9b1ac1ecc5c5242a5652c640cc39557ac9e710ce964cd
GET /movies/poster/a-pebble-in-the-pond-2022.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 33228
last-modified: Sat, 17 Feb 2024 22:34:05 GMT
etag: "65d1345d-81cc"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Db%2FQmqP1IrisqXqi50IX0LRB0iMp7t09BwDycZbLqaftwkCMdygYCpDf00uy0sgxjdl0uyI67RzwaIohFsSH6n%2BsWe3nvCKhAvyUhDbJmKwzPKoyihyRbSeMDLZBem8ifCLafmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88df2356b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/lisa-mania-2021.jpg?v=1 | 172.67.202.34 | 200 OK | 27 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/lisa-mania-2021.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 1dfb95bac7074515ef7f92abd540dba3 29a8f99f91a56cff375ced65783500ea00932d1d a0d6480080eaba4bb950e53594a2d6eb1a02664a861bbfeedcad694301c2244d
GET /movies/poster/lisa-mania-2021.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 27407
last-modified: Sat, 17 Feb 2024 22:34:05 GMT
etag: "65d1345d-6b0f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJLCqQiRSpobnUx5sDv0XShb2Vq79iXtl8SHsfqC2vQuuUQKpMLKJyzeo%2B7NTiNPek1LLhkH0J99FIAMDFfb59yHsRgJPGkl9jH%2FsGnCF7ImY%2FxRyG7TcdKV2LnAXLyqdzss04U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88df2656b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/williams-mansell-red-5-2023.jpg?v=1 | 172.67.202.34 | 200 OK | 27 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/williams-mansell-red-5-2023.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: e8ca7eaa1488cdb4fd9a07aa1aad0b60 7b6c24ba5c372b64509de1e35d2e761472eec54a c960dabc6091c87349b156b28376b876da2c1c70acd50bb13c57f284ffae1581
GET /movies/poster/williams-mansell-red-5-2023.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 27318
last-modified: Sat, 10 Feb 2024 22:34:17 GMT
etag: "65c7f9e9-6ab6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tx54UKwtWOHwySzmmL9spTZnDCBfOt7WuChTgiOYHuS0M%2FCK%2FVHvwdPIXDFHtvlrr4tL7DrY79HZHulb2NfN691zxngFt7ULnRCIm7SW7rvrSYhXHMS%2BFlR91nIq60OgNjNEp1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88df2756b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2
IP: 216.58.207.227:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22052, version 1.0
Hash: f0e48ce2beda9e8cbd7d915bf1b1ae71 3dc1cfff1759b0959cc7fb17517651ec850d584d b2504b3c20c2feb37e78773b788dd09a9cc43c9f36086bc1e2f83a6366ebaa34
GET /s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:47:08 GMT
expires: Fri, 25 Apr 2025 02:47:08 GMT
cache-control: public, max-age=31536000
age: 4417
last-modified: Thu, 14 Sep 2023 00:00:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP: 216.58.207.227:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Hash: a61c670a24d6794a95a9712f0d12b656 c9b3114b27790109ec51508f51f1a033ccfe0812 a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 00:37:32 GMT
expires: Wed, 23 Apr 2025 00:37:32 GMT
cache-control: public, max-age=31536000
age: 184993
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/movies/poster/king-a-filmed-record-montgomery-to-memphis-1969.jpg?v=1 | 172.67.202.34 | 200 OK | 17 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/king-a-filmed-record-montgomery-to-memphis-1969.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 0fd54966b3af8c37d2a97783c1348336 c62984dcb175859d810c93a40929d410ad4bb482 af9cd1f412d9b1c778fb9d4efcb9db88388ecf1ce58aa7806dc2a98a3920ac0b
GET /movies/poster/king-a-filmed-record-montgomery-to-memphis-1969.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 16929
last-modified: Thu, 22 Feb 2024 22:34:07 GMT
etag: "65d7cbdf-4221"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rvrn3iklVDDQZFhF8eRybWbiSoxKpHi0CiPXgzYRtem7BGSaLGuChZ%2FNKM4BDXibA734lnjqTB8%2BXf6t%2BpWMYJYUrcpZSBfWcSctnrJYh79VF1WwdVM4yNpG3TTsebb8xxjAMX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1656b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/rookie-season-2022.jpg?v=1 | 172.67.202.34 | 200 OK | 28 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/rookie-season-2022.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: b4675fec6f74e80239565565080309a1 23179ecef09d592f301e92a4c3251195133c66d9 bb9f5f9fee200ae29bbf6e7373b3b7ff8a2edf9a68f583159811b869005bdfdf
GET /movies/poster/rookie-season-2022.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 27853
last-modified: Tue, 20 Feb 2024 22:34:12 GMT
etag: "65d528e4-6ccd"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMOz9%2BuEY8OXfneLKi6F5k3NKEm39Po4BAGd6YQSf%2F4113cRv6YWRSpWIelEZBSIZNJ8WYW3jAo1C7EXs16UgwPYuLRpqbeOdQsDCHZWh4HyOqVC3bHE1QakdOsfB9lq%2BeIv3zI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1e56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/reel-rock-13-2018.jpg?v=1 | 172.67.202.34 | 200 OK | 33 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/reel-rock-13-2018.jpg?v=1
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Hash: 474701bf73c6fea1439d71fee5897656 f431e2392febdf99a9e87e7203b53cf749baa3ef c27130365a4d29c96849ab895b3a9fbb2194eda945910b72bfbf7c83d5734b6d
GET /movies/poster/reel-rock-13-2018.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 33025
last-modified: Wed, 21 Feb 2024 22:34:12 GMT
etag: "65d67a64-8101"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wH%2FP38wKGrZCoqH1MxjZQ%2FyC4VdkFjwEAgz59KqQvBhL7h4jg%2FTWgjiMLWrh4MfZ1T3guKFaJYU3uwD6IsC2jLVqTam%2Btk8%2Fk2UuJAmnxUT4dgrgrj8OMq%2BPKLrl2%2FpIpWFZPFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88cf1b56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2 | 172.67.202.34 | 200 OK | 3.6 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: Web Open Font Format, CFF, length 3560, version 0.0
Hash: 4e54891305c71736de2da03f14b57434 fbf29db32b5514cad7a908167ce63c76a91a2f12 332ec1d337a38ad421deff49f3585da56563253756da3870b26b46bd025f96e4
GET /static/yts/fonts/icomoon.woff?fmg7s2 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/fonts/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: font/woff
content-length: 3560
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: "65d2c88f-de8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCfcM8W%2BKTWltbTRthaIF9YdKeYiDHjBaWZA2t5jXPB3J5IuCsL8znQWvYrCc1fKnXykcDY1u1dkemHwR43BXqO5DAlwiKQ0RRveikAEruerkwSzYq%2Bz3uqOYFvcapgERJBOYWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d89af6356b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js | 172.240.253.132 | 200 OK | 31 kB |
URL: GET HTTP/1.1 growingcastselling.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js
IP: 172.240.253.132:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Let's Encrypt; Subject: growingcastselling.com; Fingerprint: 3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B; Validity: Thu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 3a41454490ff24461e17bf8da91a6133 a6215340f4b5974778e4562ca13022c6e72034c8 fa40c85ce72ed5f9f9013676c8589b857488e1e5bd6cf02ef8f8debe437cf0a9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b1/27/0e/b1270e96b85c3dd200807d09a940c676.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_layer=1; expires=Sun, 28 Apr 2024 04:00:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b549fc98b3d988f3f3f49e5144c63a26
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js | 172.240.253.132 | 200 OK | 16 kB |
URL: GET HTTP/1.1 growingcastselling.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js
IP: 172.240.253.132:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Let's Encrypt; Subject: growingcastselling.com; Fingerprint: 3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B; Validity: Thu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT
File type: JavaScript source, ASCII text, with very long lines (44009), with no line terminators
Hash: 40ff76561898061ea8217223ce25f5f5 35bec01dc95335def0e0d1d9d56aad8a70c69731 c33a44e73b5b7152848599ce978c32c13252e8377593c632f9ef0726800f542f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2fd3da967a6bba2741b287154856b929
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 15d2ddae4e253826e9068343bf4bcc2b fa1c9bbbedefaf86c16ee2697f0cf11325618d08 2e26cc89d645d3ca0f521d79d79f37c013a42246ff4fc326e17cfe5d7b7d9f5e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; expires=Sun, 23 Apr 2034 04:00:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/static/yts/fonts/fonts.css | 172.67.202.34 | 200 OK | 10 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/fonts/fonts.css
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: ASCII text, with very long lines (1316), with no line terminators
Hash: b482ea655a7bad066f5aacbcbd1f8ff9 7b48d2275fc5356ae4528275502bb520244e8a4b 38fe96c34e2d963f298b4827f2ddc5a13fa1bcbe420cbbd0b5b907d5613ad1bf
GET /static/yts/fonts/fonts.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:44 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
vary: Accept-Encoding
etag: W/"65d2c88f-524"
expires: Thu, 25 Apr 2024 11:04:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 17761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qwn3jDWsWfy%2BOyLeO26ApYscs6iZbBc2ZcSpmWsB9wat3XZkyFBCzN2OIx3KlrKywpDPE9laUwMq%2FcUUIp4P%2F9Amh32HJJqTmduVm08s4pMX7uMmFgLe3ehC7BiUN1v0nzM4TiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b6d88bf0a56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: bf2db67d8172fca7bfebf45828db56f7 bb309a9570e2e3b5880489d422a14d498e6de10c ceb5672ef313f6437abe96843cf0a1ad631d0057df55c2b69733771231b188f9
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=28609e31-c54c-4618-85f4-1ce7b6d9d4b5:3:1; expires=Sun, 23 Apr 2034 04:00:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| excessstumbledvisited.com/pixel/purst?dl=0&th=0&sc=0&rs=1357&rd=1357&fd=876&bv=24.4.5334&tmpl=70 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 excessstumbledvisited.com/pixel/purst?dl=0&th=0&sc=0&rs=1357&rd=1357&fd=876&bv=24.4.5334&tmpl=70
IP: 172.240.108.84:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Let's Encrypt; Subject: excessstumbledvisited.com; Fingerprint: F6:CE:79:E1:1A:35:E2:A3:44:FF:13:1F:F1:48:18:54:55:70:8F:FE; Validity: Mon, 22 Apr 2024 09:06:49 GMT - Sun, 21 Jul 2024 09:06:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1357&rd=1357&fd=876&bv=24.4.5334&tmpl=70 HTTP/1.1
Host: excessstumbledvisited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Let's Encrypt; Subject: capaciousdrewreligion.com; Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:46 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c2d6147487707c595119d8adf179477
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png | 172.67.202.34 | 200 OK | 7.0 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced
Hash: f87afcf11d459620ff02da6112365db2 d09e6d4e7db706569474bfb7ec93f31ccbd6ed69 a70913fad67537f16d871e4c456c8f4484106f6d4ef3e12fa3c3b2eceefee508
GET /static/yts/image/apple-touch-icon-180x180.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=28609e31-c54c-4618-85f4-1ce7b6d9d4b5%3A3%3A1; pp_main_b1270e96b85c3dd200807d09a940c676=1; sb_page_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_onpage_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_main_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_count_0a2f9bfefa2d59b6782f748beec9f30e=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:46 GMT
content-type: image/png
content-length: 6973
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-1b3d"
expires: Mon, 20 May 2024 16:27:29 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 387196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjWuawHhybPuUAgAj0WPr8A9KiKU6ZjJC20%2BQ70DGQ1MyD5FSIpEc9WHAD8BpL50LKZSX%2F%2FxrAZEvTa0DKbCflpFvKrPURt9%2BhQXpPLbZ8phBOge7xQJLoQBAhbWNljfjkgIMs8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d938b9356b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/static/yts/image/favicon-16x16.png | 172.67.202.34 | 200 OK | 619 B |
URL: GET HTTP/3 en.yts-official.mx/static/yts/image/favicon-16x16.png
IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate: Issuer: Google Trust Services LLC; Subject: yts-official.mx; Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62; Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Hash: ea830fdd4f9a6d19aa7455dabdac987a b0d567d6b4d40959e1bd44032f6bc2331057b319 71148160c085a70d1af7708c1d52cfcf39f8ef6e4ce13f0f20c080b2e19195db
GET /static/yts/image/favicon-16x16.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=28609e31-c54c-4618-85f4-1ce7b6d9d4b5%3A3%3A1; pp_main_b1270e96b85c3dd200807d09a940c676=1; sb_page_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_onpage_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_main_0a2f9bfefa2d59b6782f748beec9f30e=1; sb_count_0a2f9bfefa2d59b6782f748beec9f30e=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:46 GMT
content-type: image/png
content-length: 619
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-26b"
expires: Mon, 20 May 2024 20:01:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 374378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bn%2FpfhMWTFCreYDFKIaBoymDgZAGAx8vi27MdgneAifT%2FEjy4r6R9HUKJho0DsqKCaGOK%2FHAoTgKoVPxPRZkLDCxuXb7KEv3sLYspO%2FfTDzCQN%2BwBI0vBySnsfwfKgREqy1Cd9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d938b9456b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| postthieve.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=cfc34a23-9089-43a9-a274-5e62ad6d8803%3A3%3A1 | 172.240.108.68 | 200 OK | 8.3 kB |
URL: GET HTTP/1.1 postthieve.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=cfc34a23-9089-43a9-a274-5e62ad6d8803%3A3%3A1
IP: 172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: postthieve.com
Certificate Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41
Certificate Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: a84e28f3a1747ddd045ef440cd08ac50 c633bb0640d387aae1c7bfe5c9abf4f41c9c9aa7 64ca7256afce8c9a273b6fecbf522fb36902db155cac706351aadadaf5165431
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=cfc34a23-9089-43a9-a274-5e62ad6d8803%3A3%3A1 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:46 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://en.yts-official.mx
Access-Control-Allow-Origin: https://en.yts-official.mx
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16587847; expires=Fri, 26 Apr 2024 04:00:46 GMT; secure; SameSite=None
uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; expires=Thu, 02 May 2024 04:00:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 04:00:46 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 04:00:46 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 26 Apr 2024 04:00:46 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 26 Apr 2024 04:00:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 013ad4874847ff9df9c85f25acd6dfe9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| postthieve.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRSeTcIJCQnUA6gg%2BcChlYizu7bXNj1UhJAqEJqqLYIbmt2ZdYaMZ1YzO14np4hKqEfDhevmc9IIqFB7RaJCTiUOkZBixCEHcuEfgNQbCNlYGN5h3nvzfaP55pv32YG7ICEcPV97X%2B8JKelKo%2BpXrnwUBNcqm0K5fqXfij6O6tcqpvdmO6r6Vys3eLKjV0I%2F8P3ADyrrwvBU91cmIET2sB1U2361HlaDRh198%2F%2FeOg%2BWemC9C%2FISBBsvPfUuQSQjqO6jNW53cp298U7XSZprgx47%2FkDtKF0odOdlajyk6njGhrZn60%2Bg1dFULnTvX2IsxsT78QlidTwTibh3ONUZS3CFmD2PojcClyMIOkKi70GwMwIkDDe3oLoPbmpT0N1%2FUDpBx2Tp2R8QxZgs%2FXoJqvvtqhT9yh0tXS60suinJUR%2FBNEZIXMnyPcWIIoTJPmnEOwnsvJsE6p7uGWlhmDnrydpUqvTsLbc9lvt5XqNtpdp2KwvN3gUUhaxVsuvTQ0SYgSRjiD5ANQuwlkPTnhwqQeXeeiy80oSBEHTZwn1W%2B0kqbEmjyPmB7SZBjTwoxZcMnnDAHk2QCIHSMw%2BMrOPHfH5WeNdGPcD7HYJyzzYnKDHShScoLAEBSUoBEGRExS98ohJG9ryAZPWxcEsh7NcK4c67xzQI513uCKgZgDDyoPsgrw49fDPV29gh59XfBqm7TjlKQ1Zox1HzVaYNuutmPOkndZ8DitKCLsAaj3siTF5ZeNlZGJMnvvyL8T0BFaeIBEeqHsNtChBt0vsqePd3Fa14mC6RJYvId%2F1DuQFuTy9fGPrEXhyev232jSQmBKZKfGJeErQkfeHt3VBDm%2FrwpLHW1kuumKPTj73Tk5zvvj1e3y30IZtrNnBV28lE2BSPrzLbb5JFROqY8k3q4Ixbta1STj5fsN%2ByONbzm6vOqNctnnr7fWNbma4tUKrEehkTn83SMSYvHD57nRur3y3BWFGMK5E152SWUDoEZJsHzab67eawMg5J848FK4cmjCeb0pBIPm8p3EJ%2B58%2BntdDQyenqSgP7H10zAJofg%2BqW6JnSvRkCSoHsG5xmGfm9PrPMxmxXBjG0iwcxtLIL6Y2T5bHsOK80qzVfBq1G0GzSXkzroetNAoYpWE9CqOI1pDbcXr1F%2FU3AAAA%2F%2F8BAAD%2F%2Fzz%2F3wCRBAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1postthieve.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRSeTcIJCQnUA6gg%2BcChlYizu7bXNj1UhJAqEJqqLYIbmt2ZdYaMZ1YzO14np4hKqEfDhevmc9IIqFB7RaJCTiUOkZBixCEHcuEfgNQbCNlYGN5h3nvzfaP55pv32YG7ICEcPV97X%2B8JKelKo%2BpXrnwUBNcqm0K5fqXfij6O6tcqpvdmO6r6Vys3eLKjV0I%2F8P3ADyrrwvBU91cmIET2sB1U2361HlaDRh198%2F%2FeOg%2BWemC9C%2FISBBsvPfUuQSQjqO6jNW53cp298U7XSZprgx47%2FkDtKF0odOdlajyk6njGhrZn60%2Bg1dFULnTvX2IsxsT78QlidTwTibh3ONUZS3CFmD2PojcClyMIOkKi70GwMwIkDDe3oLoPbmpT0N1%2FUDpBx2Tp2R8QxZgs%2FXoJqvvtqhT9yh0tXS60suinJUR%2FBNEZIXMnyPcWIIoTJPmnEOwnsvJsE6p7uGWlhmDnrydpUqvTsLbc9lvt5XqNtpdp2KwvN3gUUhaxVsuvTQ0SYgSRjiD5ANQuwlkPTnhwqQeXeeiy80oSBEHTZwn1W%2B0kqbEmjyPmB7SZBjTwoxZcMnnDAHk2QCIHSMw%2BMrOPHfH5WeNdGPcD7HYJyzzYnKDHShScoLAEBSUoBEGRExS98ohJG9ryAZPWxcEsh7NcK4c67xzQI513uCKgZgDDyoPsgrw49fDPV29gh59XfBqm7TjlKQ1Zox1HzVaYNuutmPOkndZ8DitKCLsAaj3siTF5ZeNlZGJMnvvyL8T0BFaeIBEeqHsNtChBt0vsqePd3Fa14mC6RJYvId%2F1DuQFuTy9fGPrEXhyev232jSQmBKZKfGJeErQkfeHt3VBDm%2FrwpLHW1kuumKPTj73Tk5zvvj1e3y30IZtrNnBV28lE2BSPrzLbb5JFROqY8k3q4Ixbta1STj5fsN%2ByONbzm6vOqNctnnr7fWNbma4tUKrEehkTn83SMSYvHD57nRur3y3BWFGMK5E152SWUDoEZJsHzab67eawMg5J848FK4cmjCeb0pBIPm8p3EJ%2B58%2BntdDQyenqSgP7H10zAJofg%2BqW6JnSvRkCSoHsG5xmGfm9PrPMxmxXBjG0iwcxtLIL6Y2T5bHsOK80qzVfBq1G0GzSXkzroetNAoYpWE9CqOI1pDbcXr1F%2FU3AAAA%2F%2F8BAAD%2F%2Fzz%2F3wCRBAAA IP172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: postthieve.com
Certificate Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41
Certificate Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRSeTcIJCQnUA6gg%2BcChlYizu7bXNj1UhJAqEJqqLYIbmt2ZdYaMZ1YzO14np4hKqEfDhevmc9IIqFB7RaJCTiUOkZBixCEHcuEfgNQbCNlYGN5h3nvzfaP55pv32YG7ICEcPV97X%2B8JKelKo%2BpXrnwUBNcqm0K5fqXfij6O6tcqpvdmO6r6Vys3eLKjV0I%2F8P3ADyrrwvBU91cmIET2sB1U2361HlaDRh198%2F%2FeOg%2BWemC9C%2FISBBsvPfUuQSQjqO6jNW53cp298U7XSZprgx47%2FkDtKF0odOdlajyk6njGhrZn60%2Bg1dFULnTvX2IsxsT78QlidTwTibh3ONUZS3CFmD2PojcClyMIOkKi70GwMwIkDDe3oLoPbmpT0N1%2FUDpBx2Tp2R8QxZgs%2FXoJqvvtqhT9yh0tXS60suinJUR%2FBNEZIXMnyPcWIIoTJPmnEOwnsvJsE6p7uGWlhmDnrydpUqvTsLbc9lvt5XqNtpdp2KwvN3gUUhaxVsuvTQ0SYgSRjiD5ANQuwlkPTnhwqQeXeeiy80oSBEHTZwn1W%2B0kqbEmjyPmB7SZBjTwoxZcMnnDAHk2QCIHSMw%2BMrOPHfH5WeNdGPcD7HYJyzzYnKDHShScoLAEBSUoBEGRExS98ohJG9ryAZPWxcEsh7NcK4c67xzQI513uCKgZgDDyoPsgrw49fDPV29gh59XfBqm7TjlKQ1Zox1HzVaYNuutmPOkndZ8DitKCLsAaj3siTF5ZeNlZGJMnvvyL8T0BFaeIBEeqHsNtChBt0vsqePd3Fa14mC6RJYvId%2F1DuQFuTy9fGPrEXhyev232jSQmBKZKfGJeErQkfeHt3VBDm%2FrwpLHW1kuumKPTj73Tk5zvvj1e3y30IZtrNnBV28lE2BSPrzLbb5JFROqY8k3q4Ixbta1STj5fsN%2ByONbzm6vOqNctnnr7fWNbma4tUKrEehkTn83SMSYvHD57nRur3y3BWFGMK5E152SWUDoEZJsHzab67eawMg5J848FK4cmjCeb0pBIPm8p3EJ%2B58%2BntdDQyenqSgP7H10zAJofg%2BqW6JnSvRkCSoHsG5xmGfm9PrPMxmxXBjG0iwcxtLIL6Y2T5bHsOK80qzVfBq1G0GzSXkzroetNAoYpWE9CqOI1pDbcXr1F%2FU3AAAA%2F%2F8BAAD%2F%2Fzz%2F3wCRBAAA HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccc214db20cfecbdfbbfe2439843ee7b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=127 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=127
IP: 172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: postthieve.com
Certificate Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41
Certificate Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=127 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 188.114.96.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Hash: c489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6097651
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a735Cmb8bj5CUbfhwwksr8KDrr8%2Fk2VAygWOFLdCI40Co4qSe3l5%2B5lhNRmofm2hoKbqBbNuryoF%2B5DnzArpXeEMgy8QPGRg9QhJ1oO7A6rT8fM55Y1LeGB%2FekexK7fNju22sP8Psn4W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d965c610b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:46 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fddea06d4455696176e1acf7834124b3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 04:00:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=em21JO5QZ%2FRuKHErNUBIvffwk44oiDp1Us5DG0Z3taCJJW8GcEHbE1VvPPT623f0250MwBawtupTcmaBXkOoJNUxwGOVqZUA2dT66ja8oT3l2A0hSysS0CSwbPSQd%2FTTRQoVsGEqHOOkTz6rMh4Lzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d8e7f4e5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e86844ba2cb565917509292d3edee8b2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 04:00:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcJmDCZXWinC%2BYwfDRm3AS2Ru4iULf98GNvHALnwnGz10yWf7nX8I2xVQRG%2B%2FhJRc28jOQC8sGUjeaWawejRZGq7kAoxsLDBPnXWrBK5XI9RrqfmTRi%2FSwIv2TF%2BEKzSyAmR21zTmyWYXOu8I1flxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d8e8f565685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=62 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=62
IP: 172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: postthieve.com
Certificate Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41
Certificate Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=62 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 188.114.96.1 | 200 OK | 686 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 4f5f05ab032dd8fc0db448fcf51a35e2 78f94f93fdb792d95ea3ac293ac1b8e3bc13d609 7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 638100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FjwghhftsFFnz1U02K69HER%2F7DTXhG%2FszS1NDk1E6BIJruHKzK%2BsfjtfPilksG7gTrRx2hE8rV%2FvhglB8LX425MNw7UoPaip2aac3s46OrOlEWY7mxEJOcpQAlXXFOeejmCGyLRUcX5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d96bc720b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 | 172.67.202.34 | 200 OK | 20 kB |
URL: User Request GET HTTP/2 en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
IP: 172.67.202.34:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: yts-official.mx
Certificate Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
Certificate Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: HTML document, ASCII text, with very long lines (1734), with CRLF line terminators
Hash: 40be4052f518f3e3ffe19176238b6c28 18460e305b0e303f1fb7069ff9b437b89f14cdc3 555adb3e2a7a7928708d2b8d104c983a6dd5de80c546dfd29c541d9c1167a61d
GET /browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B46vqRSH4sz5avBNXBbSzCEAFgAUovJ7D1D2OGgEQ%2BTdahpP4OBC4ZP5jJwefKKnIFHpq38eYbBdRvY8timhPUexuRwzQwodGAXuZeJSUgRVhbIm%2BN%2B9cM4tAKg7ec2V3Lb%2Bou4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b6d8e393f56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 188.114.96.1 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HYVrx5IXC7SMsZrIhDenVsN0eqSavSJz%2BLSa8LEkCv70bcPV%2Fr4BYCXroRtsR5xPKcUwNUc%2BJyVXMWuyHA4WOk2alx2a4Tltb175b75FQm1sAkzdLhRqOTkTDaHqfjU33%2F23eHFEkGR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d95faf256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 127989
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 180376
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=14 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=14
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Certificate Issuer: Let's Encrypt
Certificate Subject: postthieve.com
Certificate Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41
Certificate Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=14 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| postthieve.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTuJJEJQ9KKswBw%2B7YCbdPb%2Fdw2KMWaJxs%2Byu6E3qV0%2FK1HQ1Vd3Tk5yCC7LH0YvXzjfJBnWR3avgIp0FDwEhIx5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx1kFyRERs%2FX3jd7Smu60qj6lSsfBcG1yqaKs0Fl0G5%2B3Kxfq9j%2Bm51m1b9auSH5jlkJ%2FcD3Az%2BorCsrIzNYmYBQycNOUO341XpYDRp1DOz%2Fe5d5cNSD6F%2BQl6DEeOmpdwmKl4h7j9ak20lN8sY7vUzT1Fj0xfEH8U5s8hi9eRlZD1F8PGPDuLP1JzDx0VQuTP9fIlNj4v34BCw%2BnokE6x9OdTINGYOJ55H3S0hdQtES3NyDEmcE4AI3txD3Htw0Nqe7%2F6B0go7J0rM%2FoPIxWfr1EuLet6taDSp3jM5SZWKHQVRADUqobokkO0G6twCVn4Cnn0KJn8jKs03EvcMtpw2UOH%2BdR7xWp2FtueO3O8v1Gu0s07BVX27IZkhFU7Tbfm1qkFIlVFRCyyGoW0TmPGTKQxZ5yBIPPXFe4UEQtHzBqd%2FucF4TLcmawg9oKwpo4DfbyPjkDUOkyRBcD8HtPhK7jx31%2BVnjXdjsB7jtAk54cClBXxTIJUHuCHJKkCuCPCXI%2B8WR0C50xQOhXcaCWQ5nuVaMTNo9oEcm7cqYgNohrCgOkgvy4tTDP1%2B9gR15XvFpGHVYJCMaikaHNVvtMGrV20xK3olqvoRTBZRbAHUe9tSYvLLxMhI1Js99%2BRcYPYHTJ%2BDKA81eA80L0O0Ce%2FHxbuqqJpYQpkCSLiHd9Q70Bbk8vXxj6xEkP73%2BW20a4LZAYgt8op4SdPX90W2Tk8PbJnfk8VaSqp7ao5PPvZPSVC5%2B%2FZ7czY0VG2tu%2BNVbfAJMyod3pUs3aSxU3HXkm1UlhLTrxnJJvt9wH0p2K3Pbq5mNs2Tz1tvrG73ESueUiUvQyZz%2BbsHVmLxw%2Be50bq98twVlS9isQC87JbOAMiV4sg%2BXzPU7Q2D1nMMSD3lWjGzI5ptaEWg57ykr4P7Ts3k9snRymqriwN1H1y6ApvcQ9wr0bYG%2BLkD1EC5bHKWJPb3%2B80wG0wsjpu3CIdNWfzG1ebI8hlPnlZovWkxGssVkvVGPJBes0WA%2BjziriXabI3Xj6Oov8d8AAAD%2F%2FwEAAP%2F%2FvCsK6JEEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1postthieve.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTuJJEJQ9KKswBw%2B7YCbdPb%2Fdw2KMWaJxs%2Byu6E3qV0%2FK1HQ1Vd3Tk5yCC7LH0YvXzjfJBnWR3avgIp0FDwEhIx5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx1kFyRERs%2FX3jd7Smu60qj6lSsfBcG1yqaKs0Fl0G5%2B3Kxfq9j%2Bm51m1b9auSH5jlkJ%2FcD3Az%2BorCsrIzNYmYBQycNOUO341XpYDRp1DOz%2Fe5d5cNSD6F%2BQl6DEeOmpdwmKl4h7j9ak20lN8sY7vUzT1Fj0xfEH8U5s8hi9eRlZD1F8PGPDuLP1JzDx0VQuTP9fIlNj4v34BCw%2BnokE6x9OdTINGYOJ55H3S0hdQtES3NyDEmcE4AI3txD3Htw0Nqe7%2F6B0go7J0rM%2FoPIxWfr1EuLet6taDSp3jM5SZWKHQVRADUqobokkO0G6twCVn4Cnn0KJn8jKs03EvcMtpw2UOH%2BdR7xWp2FtueO3O8v1Gu0s07BVX27IZkhFU7Tbfm1qkFIlVFRCyyGoW0TmPGTKQxZ5yBIPPXFe4UEQtHzBqd%2FucF4TLcmawg9oKwpo4DfbyPjkDUOkyRBcD8HtPhK7jx31%2BVnjXdjsB7jtAk54cClBXxTIJUHuCHJKkCuCPCXI%2B8WR0C50xQOhXcaCWQ5nuVaMTNo9oEcm7cqYgNohrCgOkgvy4tTDP1%2B9gR15XvFpGHVYJCMaikaHNVvtMGrV20xK3olqvoRTBZRbAHUe9tSYvLLxMhI1Js99%2BRcYPYHTJ%2BDKA81eA80L0O0Ce%2FHxbuqqJpYQpkCSLiHd9Q70Bbk8vXxj6xEkP73%2BW20a4LZAYgt8op4SdPX90W2Tk8PbJnfk8VaSqp7ao5PPvZPSVC5%2B%2FZ7czY0VG2tu%2BNVbfAJMyod3pUs3aSxU3HXkm1UlhLTrxnJJvt9wH0p2K3Pbq5mNs2Tz1tvrG73ESueUiUvQyZz%2BbsHVmLxw%2Be50bq98twVlS9isQC87JbOAMiV4sg%2BXzPU7Q2D1nMMSD3lWjGzI5ptaEWg57ykr4P7Ts3k9snRymqriwN1H1y6ApvcQ9wr0bYG%2BLkD1EC5bHKWJPb3%2B80wG0wsjpu3CIdNWfzG1ebI8hlPnlZovWkxGssVkvVGPJBes0WA%2BjziriXabI3Xj6Oov8d8AAAD%2F%2FwEAAP%2F%2FvCsK6JEEAAA%3D IP172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: postthieve.com Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41 Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
File type: ASCII text, with no line terminators Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTuJJEJQ9KKswBw%2B7YCbdPb%2Fdw2KMWaJxs%2Byu6E3qV0%2FK1HQ1Vd3Tk5yCC7LH0YvXzjfJBnWR3avgIp0FDwEhIx5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx1kFyRERs%2FX3jd7Smu60qj6lSsfBcG1yqaKs0Fl0G5%2B3Kxfq9j%2Bm51m1b9auSH5jlkJ%2FcD3Az%2BorCsrIzNYmYBQycNOUO341XpYDRp1DOz%2Fe5d5cNSD6F%2BQl6DEeOmpdwmKl4h7j9ak20lN8sY7vUzT1Fj0xfEH8U5s8hi9eRlZD1F8PGPDuLP1JzDx0VQuTP9fIlNj4v34BCw%2BnokE6x9OdTINGYOJ55H3S0hdQtES3NyDEmcE4AI3txD3Htw0Nqe7%2F6B0go7J0rM%2FoPIxWfr1EuLet6taDSp3jM5SZWKHQVRADUqobokkO0G6twCVn4Cnn0KJn8jKs03EvcMtpw2UOH%2BdR7xWp2FtueO3O8v1Gu0s07BVX27IZkhFU7Tbfm1qkFIlVFRCyyGoW0TmPGTKQxZ5yBIPPXFe4UEQtHzBqd%2FucF4TLcmawg9oKwpo4DfbyPjkDUOkyRBcD8HtPhK7jx31%2BVnjXdjsB7jtAk54cClBXxTIJUHuCHJKkCuCPCXI%2B8WR0C50xQOhXcaCWQ5nuVaMTNo9oEcm7cqYgNohrCgOkgvy4tTDP1%2B9gR15XvFpGHVYJCMaikaHNVvtMGrV20xK3olqvoRTBZRbAHUe9tSYvLLxMhI1Js99%2BRcYPYHTJ%2BDKA81eA80L0O0Ce%2FHxbuqqJpYQpkCSLiHd9Q70Bbk8vXxj6xEkP73%2BW20a4LZAYgt8op4SdPX90W2Tk8PbJnfk8VaSqp7ao5PPvZPSVC5%2B%2FZ7czY0VG2tu%2BNVbfAJMyod3pUs3aSxU3HXkm1UlhLTrxnJJvt9wH0p2K3Pbq5mNs2Tz1tvrG73ESueUiUvQyZz%2BbsHVmLxw%2Be50bq98twVlS9isQC87JbOAMiV4sg%2BXzPU7Q2D1nMMSD3lWjGzI5ptaEWg57ykr4P7Ts3k9snRymqriwN1H1y6ApvcQ9wr0bYG%2BLkD1EC5bHKWJPb3%2B80wG0wsjpu3CIdNWfzG1ebI8hlPnlZovWkxGssVkvVGPJBes0WA%2BjziriXabI3Xj6Oov8d8AAAD%2F%2FwEAAP%2F%2FvCsK6JEEAAA%3D HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e38995c2bfc59c0d63e59b3b7618c28c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| postthieve.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 postthieve.com/pixel/sbs?c=1 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: postthieve.com Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41 Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| en.yts-official.mx/static/yts/style/modded1.js?yify=1 | 172.67.202.34 | 200 OK | 62 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/style/modded1.js?yify=1 IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65452) Hash: 60de675fcd2844a3ffbb68550d303076 8a53cc2f554a8ef1f58f3fd1996a3c3552ea5472 1c821bdab262418e3742bfa3c295c3b668724f7e8898b45638958a898bd93d33
GET /static/yts/style/modded1.js?yify=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:44 GMT
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 03:18:38 GMT
vary: Accept-Encoding
etag: W/"65d2c88e-27b24"
expires: Thu, 25 Apr 2024 11:04:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 17761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2NfY10SBhH53aEJx%2Fc0M%2FhQi8UxWJAZL%2BuILOJlhi3kfGH2vkuK4toTte8%2BM52l6tzIichXxJPrTEfoLRpKSy4zsI8XPhr7jcUGb1j7HBoYIVTHeHmPIo6SDiD4TA85PVvEFGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b6d88ef2b56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.9 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: cdn.cloudimagesb.com Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash: 962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sat, 27 Apr 2024 04:00:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) Hash: 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4828303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtXKct1sdGQEOHrQcmd231eIH80orHVAqMKXNIYlhQHg9W2nk5cOMrAoHDBMzlobu9Ti2rk16kI4zzXDfkpIJWUPsjKWKPmoczUY%2B5%2Fww6skSihXZOD2NMexlfrbTQifJhD%2BxD1ZFKBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d965c630b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 IP: 172.240.108.76:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: *.unseenreport.com Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b1270e96b85c3dd200807d09a940c676&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1f048fbeeab6966c1a0f8e61c9d613c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 IP: 172.240.108.76:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: *.unseenreport.com Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=28609e31-c54c-4618-85f4-1ce7b6d9d4b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0a2f9bfefa2d59b6782f748beec9f30e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 959c815ce3bd33458f4362f167c25a1a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| en.yts-official.mx/static/yts/image/logo-YTS.svg | 172.67.202.34 | 200 OK | 23 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/image/logo-YTS.svg IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: SVG Scalable Vector Graphics image Hash: fdd85bfbf80d872ea41b942cf21d1db9 6a2d54565cbffa3af342a63931e412ad8837f92d 2234cb288342eab0edfb65ebda4189cf47b40a4b639a25af62c57c03f7ace459
GET /static/yts/image/logo-YTS.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:44 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Feb 2024 02:51:28 GMT
etag: W/"65d413b0-5b34"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOiIv7RGQWrmZ3yL7072WZAOs3H3iUg9trFCtzcQBoOy6yqM2QCbNwoLKvQOHPpw6zgy4YKG%2BhcxEfz%2B1p7Tbzw6trc%2Bc8i4fH0YJYjgJSTKNKCtQjiuiS%2FrMRYrpOqdDW%2F3ci8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf0c56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/movies/poster/chris-rock-bring-the-pain-1996.jpg?v=1 | 172.67.202.34 | 200 OK | 34 kB |
URL: GET HTTP/3 en.yts-official.mx/movies/poster/chris-rock-bring-the-pain-1996.jpg?v=1 IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3 Hash: 2676615aa72da124bbd001141ca166ee eba267b2f74bf1b5769f633e617e3e723da42450 3ece7cf3db07a7c059064ae2a7c31bc8e8d113c99135e1b6e338b6cd29ce78c1
GET /movies/poster/chris-rock-bring-the-pain-1996.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/jpeg
content-length: 33984
last-modified: Mon, 26 Feb 2024 22:33:20 GMT
etag: "65dd11b0-84c0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0e2vOt9nIrKgj9AgzwA%2Fx8PxLkGmXjdqkltXENV9zd3YJFzQeaS4txIjt0qlMxESjXdL9PxjrX1EJea7OVFuuVULq8T0LgINfoViQW%2BCJ3YFto3HgNFc1zgwFRVLBDXkuFSfY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d88bf0f56b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css IP: 188.114.96.1:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: fc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:47 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 638100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZbM%2BxV6r9qEnSRBfdjTDUr8H2iiHS4UlpflVeio3vO1xR0c%2FtKeUlun%2FTcBWUkG5t0FyxVuxivyJ7pGDP2rZmwiS2mwFUA0ItWeHrAJhXBM%2F%2B2zb%2B3FfMNpUuBbbE9P8eYQwHAAVrJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d95faf356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/static/yts/style/minified.css | 172.67.202.34 | 200 OK | 120 kB |
URL: GET HTTP/3 en.yts-official.mx/static/yts/style/minified.css IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: ASCII text, with very long lines (57475) Size: 120 kB (119843 bytes) Hash: a314b10e99529c56373ebff456f96618 89369052969ff4793a3c290593b5ded5d2d3e6d7 e043e009630de7fdb24141cd7e788e91a7978880af7730e0f8f97bf41c2cd549
GET /static/yts/style/minified.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:44 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 08:38:28 GMT
vary: Accept-Encoding
etag: W/"65d31384-1d423"
expires: Thu, 25 Apr 2024 11:04:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 17761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tf%2F1puSBIsHRtk8WZST5YDK9tW4M2POC5HrewoK1D3QfsYkgAosxeI2qxNEM6LlHw%2BFQ%2FlWi4Zrzj2Hz%2BZTOmsuX79%2BCRMjmyoRX9mm3VTqrgpff2dY1EexXiMXQd8UE2XTq2rE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b6d88bf0b56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| en.yts-official.mx/static/yts/images/website/select-arrows.svg | 172.67.202.34 | 200 OK | 615 B |
URL: GET HTTP/3 en.yts-official.mx/static/yts/images/website/select-arrows.svg IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: SVG Scalable Vector Graphics image Hash: 2380d25896bd0a9ef1f19fd67606323c f67225bc11897e30f07c5dc6f3702035f8a193af 842f6e07aa5c466a76efdabfe4c271153511a29c8f49aa5b3ac5bdf4a77d8596
GET /static/yts/images/website/select-arrows.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-267"
cache-control: max-age=14400
cf-cache-status: HIT
age: 360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rVa0DnKv4PO%2BBFXYkEylAhffzS%2BNwuruHRWG2A8pvx0yNajbjaXJyAzSKm9JihEc4mbF3dR%2F2zsKEfbrZ8tTy2gx73KKwLe5dxKFQEHRzWTsrkFJgw6n188QKhUgfhGqgwc%2BcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d898f5556b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext | 142.250.74.106 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext IP: 142.250.74.106:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (9902), with no line terminators Hash: da660c7ad34dd81e9f9a9032cc68718a 6bc87a2b72cc76f4253e09a1b7d095f29dc12e13 67d1981c897a8c33dd993afbcd2384fbb40a755ae34e3f43e7bbfbd94c0555f6
GET /css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 04:00:44 GMT
date: Thu, 25 Apr 2024 04:00:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| en.yts-official.mx/static/yts/images/website/icon-search.svg | 172.67.202.34 | 200 OK | 894 B |
URL: GET HTTP/3 en.yts-official.mx/static/yts/images/website/icon-search.svg IP: 172.67.202.34:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: yts-official.mx Fingerprint: FB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62 Validity: Thu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT
File type: SVG Scalable Vector Graphics image Hash: 9caad64a555d10c835c1e121b53743b0 5db8cc1d36d939a65725c4869ebec8cc0b5ce9e3 fa70e1614aed8ae3b0463b4d9884de60fd528951a068e6a13a60a329ef93face
GET /static/yts/images/website/icon-search.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:45 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-37e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6P7OvhDiEyDsYnctFDBlIGXQJwxwhNMohK8sCASrycDzw9t%2FMGnsFbji7PVwfazTuHRR%2FRZ1SgFrd32UdcUguFCSZ2%2F9MkTSTUjxR37Y13RIUxKvdCQOYDhusG7TFGwMqHmA08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6d898f5456b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.106:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (7193), with no line terminators Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 04:00:47 GMT
date: Thu, 25 Apr 2024 04:00:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=351 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 postthieve.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=351 IP: 172.240.108.68:443
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: postthieve.com Fingerprint: 4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41 Validity: Tue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=351 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=cfc34a23-9089-43a9-a274-5e62ad6d8803:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 04:00:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 3.0 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html IP: 45.133.44.3:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://en.yts-official.mx/browse-movies?genre=all&keyword=&order_by=latest&page=3&quality=all&rating=8&year=0 Certificate Issuer: Let's Encrypt Subject: cdn.barscreative1.com Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (3229), with no line terminators Hash: 0b579b1f5697d55d3bc0856975d08243 e68a8e8bc08f86086744aba736df40ca7bea6d01 8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:46 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 25 Apr 2024 05:00:46 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|