Report - bingewatch.to/

Report Overview

Visited public
2023-12-21 16:02:27
Tags
Submit Tags
URL
bingewatch.to/
Finishing URL
bingewatch.to/
IP / ASN
104.21.93.39
#13335 CLOUDFLARENET
Title
BingeWatch - Watch Free Movies online

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bingewatch.to	unknown	unknown	2022-02-17 23:24:32	2023-10-28 14:39:28	2.2 kB	874 kB	104.21.93.39
potsaglu.net	unknown	2023-01-20	2023-01-20 10:47:03	2023-12-03 12:26:03	854 B	31 kB	139.45.197.245
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-21 08:05:53	2.4 kB	680 kB	142.250.74.3
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-21 05:13:16	471 B	742 B	139.45.195.8
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-12-09 10:58:51	2.5 kB	62 kB	142.250.74.132
img.bingewatch.to	unknown	unknown	2022-11-20 19:51:48	2023-10-23 06:47:50	1.1 kB	40 kB	104.21.93.39
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-21 05:10:49	489 B	27 kB	151.101.129.229
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-21 09:03:39	897 B	152 kB	216.58.207.200
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-21 05:10:15	1.5 kB	184 kB	172.64.140.13
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-21 09:28:40	1.1 kB	33 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-21 16:00:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-21 16:00:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-21 16:00:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-21 16:00:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-21	medium	potsaglu.net	Sinkholed
2023-12-21	medium	potsaglu.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	bingewatch.to/	ScriptElement	59 kB	2023-04-07	2024-10-20
Pretty URL bingewatch.to/ IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 07:49 Last Seen2024-10-20 10:02 Times Seen11 Hash 7c828e2dc92553551fb1ccbd2b870335 36505edcc7395774c6bfeab3c728943dd752ffa0 ca52add73ea707d304bdfbd347380784f291e1ddb398cee135535aa4af097258 Loading...

	www.googletagmanager.com/gtag/js?id=UA-219526068-1	ScriptElement	191 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-219526068-1 IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 15:20 Last Seen2024-08-20 15:20 Times Seen1 Hash 091efe46e7b91b653b14b699945ce9d2 a781763d343db9806cb11bd719e7a204f167be40 6e09d3ae3f9c2726ccb6e4b890449987a05fd32211636f9432cc95e41cccd10f Loading...

	www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js	ScriptElement	515 kB	2023-12-11	2024-08-22
Pretty URL www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 19:20 Last Seen2024-08-22 03:40 Times Seen14284 Hash 37c6af40dd48a63fcc1be84eaaf44f05 1d708ace806d9e78a21f2a5f89424372e249f718 daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3	ScriptElement	69 B	2023-03-07	2025-07-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-25 03:54 Times Seen143995 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js	ScriptElement	17 kB	2023-12-12	2024-08-20
Pretty URL www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-12 09:31 Last Seen2024-08-20 16:03 Times Seen2814 Hash 87aa99c1f46758c39c9c3a3072725838 4dc32a7cf8a982e932778e728bd14f0fc979e9c7 98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c Loading...

	potsaglu.net/tag.min.js	ScriptElement	82 kB	2023-12-21	2024-08-20
Pretty URL potsaglu.net/tag.min.js IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-21 17:01 Last Seen2024-08-20 15:20 Times Seen21 Hash a50c9e1faf15b4d9a7e00d2342d9954a 524970214ea5d21cb7a59cec66a632b9ece119f2 7014eb2b741a4212bd8bb89a22ab0d397da6d93a9a9153796cee30f8a60e8f3d Loading...

	bingewatch.to/	ScriptElement	447 B	2023-04-07	2024-10-20
Pretty URL bingewatch.to/ IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 07:49 Last Seen2024-10-20 10:02 Times Seen11 Hash 2981dc377865c3a230abf3f2d064ed2a c7873db8451d4680772ba906019514eb893243bb 3551b89beace5611aaab3476270f594aebe56de3b9939fd37ee54cf2d1d4d519 Loading...

	bingewatch.to/	ScriptElement	155 B	2023-03-12	2024-10-20
Pretty URL bingewatch.to/ IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 21:41 Last Seen2024-10-20 10:02 Times Seen11 Hash 6887a192119232700d30ec3ac3a20fba 1e34892d8870376c217cfb17e266c029cb4b5d2f ce8a0eeea390aa4e850545a193f94e033d74304b974ddb7e161f826b9b9a7f12 Loading...

	bingewatch.to/sandbox%20eval%20code		147 B	2023-04-11	2025-07-25
Pretty URL bingewatch.to/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-25 03:59 Times Seen415286 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3	ScriptElement	35 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:20 Last Seen2024-08-20 15:20 Times Seen1 Hash d70aa2caae07b122f11f546a2ce30a43 927d9e2827d403f531e4a3cf56cc06d5741950ca eb3c11f323510843e1c6520c5dd85e32de064d3f74037fc88e235ea907d5510d Loading...

	bingewatch.to/	ScriptElement	147 B	2023-03-12	2025-06-30
Pretty URL bingewatch.to/ IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 08:19 Last Seen2025-06-30 06:25 Times Seen51 Hash 37ba98f71640ea24e41053bfbae620a2 e84f75dfd978940262faae4f88354066c1cda7de 26b624b86e5181d26863f1b8f520031a69eb98eea1ab762255dea2338c836e8a Loading...

	bingewatch.to/	ScriptElement	175 B	2023-03-12	2025-03-09
Pretty URL bingewatch.to/ IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 08:19 Last Seen2025-03-09 02:13 Times Seen48 Hash 1ab42687e397e9752aa8ccd8d48a20af 84262f778c9ac0069a169776857432a670860af4 58db20e251e24615a7a46f562e5df8435f53d4841ba2a4bf59626d706dfe8679 Loading...

	www.google.com/recaptcha/api.js?render=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&hl=en	ScriptElement	884 B	2023-12-19	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&hl=en IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-19 22:33 Last Seen2024-08-20 15:30 Times Seen6 Hash 2a9b05d46c870c025f642342ff577efd 1ce4f259677f89bfc7fbecef1a8cbad8005810b8 1119790b5b5ce8a33eecccc88e027f3a83840ca022255ff897a1e19422c744b4 Loading...

	bingewatch.to/js/group_1/app.min.js?v=1.1	ScriptElement	761 kB	2023-06-27	2025-03-09
Pretty URL bingewatch.to/js/group_1/app.min.js?v=1.1 IP 104.21.93.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 22:26 Last Seen2025-03-09 02:13 Times Seen27 Hash e1b7a0898146bdd738943ac60409f515 ec4f5e42739a49ab177ce6367d8b228d4e6bc992 0a15a699a51be7859c44fd6956afbd8b6129336704194fb1248950c2c5068844 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-25
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-25 03:59 Times Seen414602 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-CNXEBPF3EL&l=dataLayer&cx=c	ScriptElement	229 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-CNXEBPF3EL&l=dataLayer&cx=c IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 15:20 Last Seen2024-08-20 15:20 Times Seen1 Hash a5b2ce02d8caba9caa0930d469913db2 79d72f0b1376e4193504ac51e407aaf71da24c4a 922b8c1eb021d2926c088c3ccdfe9485be3ffbda4c1f0508306a9dcf993a0bab Loading...

		Size	First Seen	Last Seen
	#1 Eval - c09739fd6b8306d926a5b324b06955d3	64 B	2023-12-12 09:31	2024-08-20 16:03
Pretty Observations First Seen2023-12-12 09:31 Last Seen2024-08-20 16:03 Times Seen2783 Hash c09739fd6b8306d926a5b324b06955d3 f2353b995e0b9ce94db26f0a67ba49bed3fca975 59f7a87ab0cf03e911f107b2cc7dd5f3c2b308cbca06e1f4264a522082863cf8 Loading...

	#2 Eval - 3e3dbea39fea899b1ef5d5bd91b9f0b1	23 kB	2023-12-21 17:02	2024-08-20 15:20
Pretty Observations First Seen2023-12-21 17:02 Last Seen2024-08-20 15:20 Times Seen2 Hash 3e3dbea39fea899b1ef5d5bd91b9f0b1 92d732445d49956cbe268f65aefe5e7af8d57fc8 64fbdfbff6e1c809bc8033bf480f94fb91f7cef3b3e235a0149fdd67bc1eaddb Loading...

	#3 Eval - f0bf7e97ef9f0a8a8f835e662dfa56e9	22 B	2023-12-12 09:31	2024-08-20 16:03
Pretty Observations First Seen2023-12-12 09:31 Last Seen2024-08-20 16:03 Times Seen2788 Hash f0bf7e97ef9f0a8a8f835e662dfa56e9 7a6d4fa9dfdde6a26ae5acf345944eb8fb14f55a 2c5725300bb8ededf8fe4f20cedd3d6688dd4c171cb051746352f4365d81f09d Loading...

	#4 Eval - 14663816a87ff1539e548004e8c4c7be	5 B	2024-08-20 15:20	2024-08-20 15:20
Pretty Observations First Seen2024-08-20 15:20 Last Seen2024-08-20 15:20 Times Seen1 Hash 14663816a87ff1539e548004e8c4c7be 72e5451cbaf6093e8efb6a35dad6a27816eb73b3 3db59f67e5075a8479ffcac505ba79a5e9fe3aecddb3704cef6e51157b80e527 Loading...

	#5 Eval - e914f0c7af5d117a481da89ad8235781	22 B	2023-12-12 09:31	2024-08-20 16:03
Pretty Observations First Seen2023-12-12 09:31 Last Seen2024-08-20 16:03 Times Seen2723 Hash e914f0c7af5d117a481da89ad8235781 8b00ed09cbc2f144f184974a1d9d97fb66ca23c9 e3cde5ab32909a304b733120bcecd1636d78e6a1e8a2678dcfc9de4859645756 Loading...

HTTP Transactions (27)

URL IP Response Size

GET img.bingewatch.to/xxrz/400x400/100/af/90/af901b584e80a0ed0d83af751c0853d1/af901b584e80a0ed0d83af751c0853d1.png

104.21.93.39

200 OK

28 kB

URL GET HTTP/3
img.bingewatch.to/xxrz/400x400/100/af/90/af901b584e80a0ed0d83af751c0853d1/af901b584e80a0ed0d83af751c0853d1.png
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type
PNG image data, 400 x 93, 8-bit/color RGBA, interlaced
Size
28 kB (27544 bytes)
Hash
117033d2a086a41ada016f8196250c7a
7e01b580b04bf6383e980dd3c55b73e93bd8b566
9a3cca606b7471468b2aa5cf98e3343dbf2dadfb261745c8d27cf971b05beca9

HTTP Headers

GET /xxrz/400x400/100/af/90/af901b584e80a0ed0d83af751c0853d1/af901b584e80a0ed0d83af751c0853d1.png HTTP/1.1
Host: img.bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: image/png
content-length: 27544
last-modified: Sun, 20 Nov 2022 14:17:45 GMT
vary: Accept-Encoding
etag: W/"637a3709-5204"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9opcfuiE70ALBWgCJ4cqGwuWgbuThfU%2ByKneqTLwRqjYaRc3ULvZ9HXTL6hDQXyAUc64svCTQ4a%2BKHyShzua7G1EuOEvtMJ%2BJ43Lj%2BbTAMa6PX%2FHgnriLu%2BlsRs0fyj5EXSw5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cb1e4a56a9-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

151.101.129.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://bingewatch.to/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65326)
Size
26 kB (26373 bytes)
Hash
a4b3f509e79c54a512b890d73235ef04
1be37b62306c8c0c6775bb4c93c5e4c4e13d9775
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

HTTP Headers

GET /npm/bootstrap@4.6.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Dec 2023 16:01:59 GMT
age: 11077945
x-served-by: cache-fra-eddf8230063-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
X-Firefox-Spdy: h2

HEAD bingewatch.to/

104.21.93.39

200 OK

0 B

URL HEAD HTTP/3
bingewatch.to/
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4UbmulCyrBN6XJ241cdf%2FbYoFVk0NTgYXBIG9F834aqz5U9XzffXUK3gUXlswbdf460sz5u1R73CidrrJr%2BuLpICjRgXJnO44tGVFKwLL80gf8PSUqefIYm4eppp6p%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cb7f0d56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.googletagmanager.com/gtag/js?id=UA-219526068-1

216.58.207.200

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-219526068-1
IP
216.58.207.200:443
ASN
#15169 GOOGLE

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68994 bytes)
Hash
091efe46e7b91b653b14b699945ce9d2
a781763d343db9806cb11bd719e7a204f167be40
6e09d3ae3f9c2726ccb6e4b890449987a05fd32211636f9432cc95e41cccd10f

HTTP Headers

GET /gtag/js?id=UA-219526068-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Dec 2023 16:01:59 GMT
expires: Thu, 21 Dec 2023 16:01:59 GMT
cache-control: private, max-age=900
last-modified: Thu, 21 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET potsaglu.net/tag.min.js

139.45.197.245

200 OK

26 kB

URL GET HTTP/2
potsaglu.net/tag.min.js
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://bingewatch.to/
Certificate
IssuerLet's Encrypt
Subjectpotsaglu.net
Fingerprint1C:0E:1C:AE:33:75:24:E0:C4:DE:D3:F0:78:47:69:A8:8F:70:9E:30
ValidityWed, 06 Dec 2023 05:39:12 GMT - Tue, 05 Mar 2024 05:39:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25794 bytes)
Hash
a50c9e1faf15b4d9a7e00d2342d9954a
524970214ea5d21cb7a59cec66a632b9ece119f2
7014eb2b741a4212bd8bb89a22ab0d397da6d93a9a9153796cee30f8a60e8f3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: potsaglu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 25794
content-encoding: br
x-trace-id: ba8f56d098cbc9013bb75a40ce698dbf
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 21 Dec 2023 15:40:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET bingewatch.to/images/home-icon.png

104.21.93.39

200 OK

46 kB

URL GET HTTP/3
bingewatch.to/images/home-icon.png
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
46 kB (45549 bytes)
Hash
5a3d34c76b6cdfaf42c2cb708e70e6d3
dad4242f6d3e88cbb4b27279dd185a33df178aa9
ac8f2c0b98409c61f55ecebed5be269aa591a54b2018f849d837d2ea1df79cbd

HTTP Headers

GET /images/home-icon.png HTTP/1.1
Host: bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: image/png
content-length: 45549
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
cache-control: public, max-age=604800
etag: W/"b1ed-2tQkL20+iMu0snJ53RhaM98Xiqk"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 27497
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZBJMcnG61ROCKsnw%2Bdf8fQ8dNx3tuPv7AxupgwDs6pbkEuSXxaf8ReCuloP5Le%2BtwxGbWv2H3DKuMlNuWrwKCsi8SPZ8bB2QFjwF4ObFbzmSARNHeLeLSYnWFMTQT2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 839158cd18f656a9-OSL
alt-svc: h3=":443"; ma=86400

GET use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

172.64.140.13

200 OK

67 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: font/woff2
content-length: 67400
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "14a08198ec7d1eb96d515362293fed36"
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 1792810
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJUHdB9wJUd%2FYABhtUS%2Bx4INk3NVghyLYkTYtWr8Jr7jfTl8yUdB7w8%2FUTGe6En3zkUaJTT%2BgdCV%2BnJG9SuDT0YynhAaNXqkYVwWNIoDJu8IcmdMlP%2B4wJJfM6scTYFiSxKn%2BT41"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cd88644066-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2

172.64.140.13

200 OK

65 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 65316, version 1.0
Size
65 kB (65316 bytes)
Hash
48461ea4e797c9774dabb4a0440d2f56
024b7f9afa49a3658ebd7eee4e1c536502db51fa
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: font/woff2
content-length: 65316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "48461ea4e797c9774dabb4a0440d2f56"
last-modified: Fri, 22 Sep 2023 01:45:30 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 1792810
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxzuwNFZHN9F%2BY9nQs3niYqQRh5xYTMTWO5ap4PpQRQYsIFEfkAE8VzipE0Q3rPlklYMCdvDJecUb8BPOxeI1HLuk8516Nya9S9%2B%2Fk5mS%2BfHySDSoORwE4m%2F0d9rfOWShwm8Dah6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cd886a4066-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-CNXEBPF3EL&l=dataLayer&cx=c

216.58.207.200

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-CNXEBPF3EL&l=dataLayer&cx=c
IP
216.58.207.200:443
ASN
#15169 GOOGLE

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81277 bytes)
Hash
a5b2ce02d8caba9caa0930d469913db2
79d72f0b1376e4193504ac51e407aaf71da24c4a
922b8c1eb021d2926c088c3ccdfe9485be3ffbda4c1f0508306a9dcf993a0bab

HTTP Headers

GET /gtag/js?id=G-CNXEBPF3EL&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Dec 2023 16:02:00 GMT
expires: Thu, 21 Dec 2023 16:02:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET img.bingewatch.to/xxrz/100x100/100/0d/4a/0d4ae02b23bb538c804a8c33826445d8/0d4ae02b23bb538c804a8c33826445d8.png?v=1.1

104.21.93.39

200 OK

11 kB

URL GET HTTP/3
img.bingewatch.to/xxrz/100x100/100/0d/4a/0d4ae02b23bb538c804a8c33826445d8/0d4ae02b23bb538c804a8c33826445d8.png?v=1.1
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, interlaced
Size
11 kB (11262 bytes)
Hash
0ad9247f78de3d27573b3db7a33ab7d9
16591bc303a74b3017eed8b55dc74760d2c9b095
9f27d600001b037e5c0d8aa3b7a657bf8fc6a2aa04d96152e7565259bc5687ad

HTTP Headers

GET /xxrz/100x100/100/0d/4a/0d4ae02b23bb538c804a8c33826445d8/0d4ae02b23bb538c804a8c33826445d8.png?v=1.1 HTTP/1.1
Host: img.bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:02:00 GMT
content-type: image/png
content-length: 11262
last-modified: Sun, 20 Nov 2022 14:17:45 GMT
vary: Accept-Encoding
etag: W/"637a3709-18b3"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGtmEZbKicoZ%2FLIN4elYzZ3OYbVhJVL7g47akwhK%2F7%2B0ac1Mg7%2Bvl0J7keJ%2BHNr6WxWp2x7eyu9RmM9bLP2vCpxlt241FY820GEs8bKvLgSQnqrpmUlDdib6uYP25zKbahIfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cecc3b56a9-OSL
alt-svc: h3=":443"; ma=86400

GET www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

142.250.74.3

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (647)
Size
206 kB (205927 bytes)
Hash
37c6af40dd48a63fcc1be84eaaf44f05
1d708ace806d9e78a21f2a5f89424372e249f718
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

HTTP Headers

GET /recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 11:02:53 GMT
expires: Wed, 18 Dec 2024 11:02:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 190747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=8d69bc137cc2462a84caff017ac29df4

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=8d69bc137cc2462a84caff017ac29df4
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://bingewatch.to/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data
Size
65 B (65 bytes)
Hash
c9b73196685497639fffc9b537731824
224c70b6335dfbc3ff70178be490bc2ae086500f
a91244f5f85b36e5e58d0893af84512935d6f5554621169335589e01d6b18652

HTTP Headers

GET /gid.js?userId=8d69bc137cc2462a84caff017ac29df4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Dec 2023 16:02:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://bingewatch.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8d69bc137cc2462a84caff017ac29df4; expires=Fri, 20 Dec 2024 16:02:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3

142.250.74.132

200 OK

52 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
HTML document, ASCII text, with very long lines (35089)
Size
52 kB (51623 bytes)
Hash
d21f360212fbfb86757f82372d71adb2
914f62043ce7508c728097c0c5adba2d102051c9
426a5b46bdf34c862a437502d59b51ae1fe620014fc09dc209d4d36c5a8c31c0

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Dec 2023 16:02:00 GMT
content-security-policy: script-src 'nonce-Rsmuz74HCOSMfYN-PlJMlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

142.250.74.3

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (647)
Size
206 kB (205927 bytes)
Hash
37c6af40dd48a63fcc1be84eaaf44f05
1d708ace806d9e78a21f2a5f89424372e249f718
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

HTTP Headers

GET /recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 11:02:53 GMT
expires: Wed, 18 Dec 2024 11:02:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 190747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Dec 2023 15:53:53 GMT
expires: Fri, 20 Dec 2024 15:53:53 GMT
cache-control: public, max-age=31536000
age: 487
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 16 Dec 2023 22:47:55 GMT
expires: Sun, 15 Dec 2024 22:47:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 407645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

142.250.74.3

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (647)
Size
206 kB (205927 bytes)
Hash
37c6af40dd48a63fcc1be84eaaf44f05
1d708ace806d9e78a21f2a5f89424372e249f718
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

HTTP Headers

GET /recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 11:02:53 GMT
expires: Wed, 18 Dec 2024 11:02:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 190747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.3

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Dec 2023 16:21:15 GMT
expires: Thu, 21 Dec 2023 16:21:15 GMT
cache-control: public, max-age=604800
age: 603645
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js

142.250.74.132

200 OK

6.8 kB

URL GET HTTP/3
www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with very long lines (17107), with no line terminators
Size
6.8 kB (6828 bytes)
Hash
87aa99c1f46758c39c9c3a3072725838
4dc32a7cf8a982e932778e728bd14f0fc979e9c7
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c

HTTP Headers

GET /js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 6828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 13:47:21 GMT
expires: Wed, 18 Dec 2024 13:47:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 180879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/recaptcha/api.js?render=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&hl=en

142.250.74.132

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&hl=en
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9
ValidityMon, 20 Nov 2023 08:09:47 GMT - Mon, 12 Feb 2024 08:09:46 GMT

File type
ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
2a9b05d46c870c025f642342ff577efd
1ce4f259677f89bfc7fbecef1a8cbad8005810b8
1119790b5b5ce8a33eecccc88e027f3a83840ca022255ff897a1e19422c744b4

HTTP Headers

GET /recaptcha/api.js?render=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 21 Dec 2023 16:01:59 GMT
date: Thu, 21 Dec 2023 16:01:59 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
74a981e3aaaa1f7200e5f87b03883703
22cf9554c2d813a219b2982ae769695119ac1092
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 21 Dec 2023 16:02:00 GMT
date: Thu, 21 Dec 2023 16:02:00 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET bingewatch.to/css/group_1/theme_4/styles.min.css?v=0.6

104.21.93.39

200 OK

62 kB

URL GET HTTP/3
bingewatch.to/css/group_1/theme_4/styles.min.css?v=0.6
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type

Size
62 kB (62390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css/group_1/theme_4/styles.min.css?v=0.6 HTTP/1.1
Host: bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: text/css; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 07:47:31 GMT
etag: W/"f3b6-1881e60f9c2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 2376077
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjJnGoGwrc5L6x137K8bcRG9bm%2B966dJYavIfqZ91gKOQgDbUaNxqFSvJaRYVDXWnwGSO30htwRMp6DVRIXJ1RfUghdSbCfgBnBYtgIdctzIThIJjTBF%2BqvD9r5gASii"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cb1e4156a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET bingewatch.to/ajax/auth/panel

104.21.93.39

200 OK

219 B

URL GET HTTP/3
bingewatch.to/ajax/auth/panel
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type
HTML document, ASCII text, with no line terminators
Size
219 B (219 bytes)
Hash
cf225e09041da15993d2ce1818602252
3145e7bc68730d1240aeb8e4a74d11fbade337c0
43dd68873617b9c747dd1c528ae20aae10189f6740dedc24b43759878101f01d

HTTP Headers

GET /ajax/auth/panel HTTP/1.1
Host: bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:02:00 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
etag: W/"db-w5pX5germNiuEaUn6446Y59Fvok"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiZ8NqL9Qa8agWajHfRZpxX2eoN6list%2B6%2FAChWovKyyT7eTIZtUZasHa5fGi4aQjKLFPITJ5qbXQZXLQwTuAsNIQwmIXNCs8KJD3H%2FSFeg72AuS8wpCK3F%2BNm8zLTA%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158ce1b3056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET use.fontawesome.com/releases/v5.3.1/css/all.css

172.64.140.13

200 OK

49 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (48464)
Size
49 kB (48649 bytes)
Hash
10519cfd3206802f58315b877a9beab5
03232d7095b4a14b88810a0ffe76ae50726c23c6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"10519cfd3206802f58315b877a9beab5"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1861991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7VxnJKEc7DGYIMgPDxxOMrnwQ%2BU4cUR0eegVBI0LYUXh%2FH%2FOoxfEZjvI1gwnRApBNjciHdpkik8pfDeaFlnoZouPJ6kS6FbMRRZnTvHjej8G1eUPWqo2otQhSGW0kWp5pVatVRx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cbfd1d779d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bingewatch.to/js/group_1/app.min.js?v=1.1

104.21.93.39

200 OK

761 kB

URL GET HTTP/3
bingewatch.to/js/group_1/app.min.js?v=1.1
IP
104.21.93.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bingewatch.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbingewatch.to
FingerprintC5:C0:C9:D0:B2:1C:66:FE:D6:E7:42:7B:CA:37:31:F1:E3:30:0C:D1
ValidityMon, 13 Nov 2023 19:10:03 GMT - Sun, 11 Feb 2024 19:10:02 GMT

File type

Size
761 kB (760913 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/group_1/app.min.js?v=1.1 HTTP/1.1
Host: bingewatch.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Sat, 20 May 2023 15:05:52 GMT
etag: W/"b9c51-18839b215a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 2274357
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6yq0KHGqlXVBVYnUS3%2BjVR6ALm5btIZC74B31SNv%2Fj1natsWgaZMIOa9%2BFq3p%2F3Na4OprVBE%2BqYtuFTWoxRrUpKgQTINqGlli7ir7P2GmyTaEWuvnEb5Cfl2fw39DRo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 839158cb1e4656a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET potsaglu.net/5/5729173/?oo=1&aab=1

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
potsaglu.net/5/5729173/?oo=1&aab=1
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://bingewatch.to/
Certificate
IssuerLet's Encrypt
Subjectpotsaglu.net
Fingerprint1C:0E:1C:AE:33:75:24:E0:C4:DE:D3:F0:78:47:69:A8:8F:70:9E:30
ValidityWed, 06 Dec 2023 05:39:12 GMT - Tue, 05 Mar 2024 05:39:11 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3008), with no line terminators
Size
2.8 kB (2768 bytes)
Hash
c86a1abb1d43f075e5633eddb3aff2b7
37fe86003849de0da41c46211ffbffae8d188ce6
e752a1e1db1d86565e4875628bb3394f0ff22f46ef303659e265ea978321e428

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5729173/?oo=1&aab=1 HTTP/1.1
Host: potsaglu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bingewatch.to
DNT: 1
Connection: keep-alive
Referer: https://bingewatch.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Dec 2023 16:01:59 GMT
content-type: application/json
x-trace-id: 81417fee6565c982326ceb992ef0840f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://bingewatch.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8d69bc137cc2462a84caff017ac29df4; expires=Fri, 20 Dec 2024 16:01:59 GMT; path=/; secure; SameSite=None
oaidts=1703174519; expires=Fri, 20 Dec 2024 16:01:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

142.250.74.3

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcByHghAAAAAC3TN2Z97m8b8L9e8uo3oF4-L0Lx&co=aHR0cHM6Ly9iaW5nZXdhdGNoLnRvOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=w4ko56m1sof3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
56 kB (56398 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Dec 2023 17:23:36 GMT
expires: Tue, 17 Dec 2024 17:23:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
content-type: text/css
vary: Accept-Encoding
age: 254304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by