Report - en.yts-official.mx/movies/elemental-2023/

Report Overview

Submitted URL
en.yts-official.mx/movies/elemental-2023/
IP
104.21.69.3
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 18:00:31
Access
public
Website Title
(1) New Message!
Final URL
en.yts-official.mx/movies/elemental-2023/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
en.yts-official.mx	unknown	2024-02-16	2024-02-22	2024-04-18	14 kB	729 kB	172.67.202.34
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	3.1 kB	107 kB	142.250.74.131
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-09	2.3 kB	170 kB	188.114.96.1
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-09	440 B	16 kB	45.133.44.9
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	1.9 kB	220 kB	104.17.24.14
cawadversityinheritance.com	unknown	unknown	No data	No data	898 B	46 kB	172.240.108.84
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	874 B	850 B	3.124.83.201
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-05-09	496 B	1.7 kB	45.133.44.4
vidsrc.to	unknown	unknown	2023-07-30	2024-05-06	1.4 kB	176 kB	104.21.64.103
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	1.4 kB	44 kB	142.250.74.106
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-09	413 B	29 kB	172.67.180.87
customarydesolate.com	unknown	2024-05-06	2024-05-07	2024-05-08	7.5 kB	13 kB	172.240.108.68
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	676 B	1.9 kB	143.204.53.97
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-09	417 B	327 B	192.243.59.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	cawadversityinheritance.com	Sinkholed
2024-05-10	medium	cawadversityinheritance.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cawadversityinheritance.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js	44 kB	2024-05-10	2024-05-10
Pretty URL cawadversityinheritance.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:00:38 Last Seen2024-05-10 20:00:38 Times Seen2 Hash 34b2f702e5311404123a8868f3b6616b 0b101c89dd7790f174d20dda12eedd097297c7b8 5431900c74263ef49bab589429ba4d5ab8dff7d0b17f38c0013af0becc59a67b Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	unknown	1.3 kB	2024-04-18	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:10:15 Last Seen2024-05-10 20:00:38 Times Seen28 Hash c49d905a401c8300d3a430b90f647172 abbb3b563239dfe2eb172377985ef6f5fe9db5a6 55c0ad517dc805ddffa8f13a2614bc0217b201e44cbfb2e9fc900dd42c4120c4 Loading...

	en.yts-official.mx/static/yts/js/jquery.min.js?v=1	84 kB	2023-03-07	2024-05-20
Pretty URL en.yts-official.mx/static/yts/js/jquery.min.js?v=1 IP 172.67.202.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:08 Last Seen2024-05-20 19:21:30 Times Seen1916 Hash b0dc11d0a434aafe88908c7f33d71095 1327f754ff87d26bced46568543207e9df190aaa de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-20 21:51:17 Times Seen275518 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.bundle.min.js	83 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.bundle.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:54 Last Seen2024-05-20 07:59:42 Times Seen1655 Hash a0805bca912ec901f2a7096228b62d46 3233fd01d87fba457eaad8dcbc289f75b170f814 19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49 Loading...

	cawadversityinheritance.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js	76 kB	2024-05-10	2024-05-10
Pretty URL cawadversityinheritance.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:00:38 Last Seen2024-05-10 20:00:38 Times Seen2 Hash 9f442f866bb9a627f609dfb769040ea4 693823a2f060ee918f6def12cead88f579ccb9d7 6a711e2d117bdf545fb4e88d213c1f55c5c3cdd1c9fec4c144c8ec0998f8bb2d Loading...

	en.yts-official.mx/static/yts/style/modded1.js?yify=1	163 kB	2023-03-08	2024-05-18
Pretty URL en.yts-official.mx/static/yts/style/modded1.js?yify=1 IP 172.67.202.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:05:18 Last Seen2024-05-18 23:23:52 Times Seen221 Hash 60de675fcd2844a3ffbb68550d303076 8a53cc2f554a8ef1f58f3fd1996a3c3552ea5472 1c821bdab262418e3742bfa3c295c3b668724f7e8898b45638958a898bd93d33 Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-20
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:29:47 Times Seen37896069 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	en.yts-official.mx/movies/elemental-2023/	428 B	2024-04-18	2024-05-18
Pretty URL en.yts-official.mx/movies/elemental-2023/ IP 172.67.202.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:10:15 Last Seen2024-05-18 23:23:52 Times Seen99 Hash 6dcff6572b90a25babb8be2e3703eb97 58ca34991d0315b9cef9bb1e9bd8ba547602e5b3 28f374670828d65e52a411c90ba6dd9017599b26eca5ef05eb3278c2f4f81982 Loading...

	vidsrc.to/assets/embed/min/all.js?v=663d8cfa	88 kB	2024-05-10	2024-05-15
Pretty URL vidsrc.to/assets/embed/min/all.js?v=663d8cfa IP 104.21.64.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:45:12 Last Seen2024-05-15 17:24:46 Times Seen6 Hash 912b94dff2bdef3ad18cc2356295d08a ee5c96a735d8f69fad8fb88c40fceafaf81ec261 333c088db3185e776ef5cf239fce4d393303dbf065d1d2ba9d9843c388a70acd Loading...

	unknown	34 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-20 22:14:02 Times Seen77811 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js	84 kB	2023-03-07	2024-05-20
Pretty URL cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 17:29:27 Times Seen16312 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

HTTP Transactions (67)

URL IP Response Size

en.yts-official.mx/static/yts/image/default_avatar.jpg

172.67.202.34

200 OK

2.4 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/default_avatar.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 100", baseline, precision 8, 60x60, components 3
Size
2.4 kB (2449 bytes)
Hash
e55b123ffd0b26cddf175715a76ff22d
0cbeba4643578c972bb79bf8e3b0b83a794df5bc
9412c68d8f2bad5e7abe0ca709a3258cf8c2b7a14bcc1654abf2316debf902cc

HTTP Headers

GET /static/yts/image/default_avatar.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 2449
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-991"
expires: Thu, 30 May 2024 16:20:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 869959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xojulZHLg%2BbdKNr%2Fj1B5nTnqf0K5BCPidKqIX9s8VuNibt4906wIad6iS2Hm9uC6EuXE%2FAAiqPdREfh4svWkaxCTyXPJHYda6arg4ieZBe76pCjk8NyEpVrtiCpNUBdnkjWJeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e7a08568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/js/jquery.min.js?v=1

172.67.202.34

200 OK

34 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/js/jquery.min.js?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
gzip compressed data, from Unix
Size
34 kB (33713 bytes)
Hash
46870281a9fe72319063dc612ef3929f
f3dd9a6fd569d3633611d51fd3620c30ea9b5e3c
bee513f32b17968a28714b1a6562ad83a840265d10bc8c81e3a42217d18d39eb

HTTP Headers

GET /static/yts/js/jquery.min.js?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
vary: Accept-Encoding
etag: W/"65d2c88f-1497d"
expires: Fri, 10 May 2024 20:13:41 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 35182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zFHyxQi1c%2F62PPI0vgDkmw69WRY20vEyNpQVOTrkvgDYSpZnf3zyCYIyQVaQ42LvmZT5NiNuM8gMHCjQ%2BfTv12J0G2E1PaAuSE6f3tyGhpO4DLm3GdJMvUUGOp57U9xjum8bCjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39e79f5568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/spider-man-across-the-spider-verse-2023.jpg?v=1

172.67.202.34

200 OK

55 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/spider-man-across-the-spider-verse-2023.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
55 kB (54940 bytes)
Hash
8fd666963f9239afa9f09883ce11fa39
a475b138335459535e5767e3027d54f0329dc380
798cb183c2695e5359eef92e55a01aec7fc6089645e6822c51e249b3946ae203

HTTP Headers

GET /movies/poster/spider-man-across-the-spider-verse-2023.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 54940
last-modified: Mon, 07 Aug 2023 22:34:31 GMT
etag: "64d17177-d69c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FuKu%2BEF03rGruZxIfJmoYPBKumkN7WFRaeokD8%2B53x9ERv8AxYbQE4mnYn1RFjiusniQ0uRnAi9R3CrfCXBYjRf69bg5KfgUXkzduV2eqWgvK6K82EM1yQV4zs9pIKp5bskjU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69d4568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/the-flash-2023.jpg?v=1

172.67.202.34

200 OK

27 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/the-flash-2023.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
27 kB (27026 bytes)
Hash
036a6530e16c6e73b3e9c41a3a3f02fc
6cee95d345e5fb00e08a23d36c75d3dd77a2badb
9bf90405cf683b22fad28c10ba15e2ff2a163ff92dacbdc944f42e6175b2af1d

HTTP Headers

GET /movies/poster/the-flash-2023.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 27026
last-modified: Mon, 17 Jul 2023 22:34:48 GMT
etag: "64b5c208-6992"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyi6E7BecNVNFy%2BQcNNjcI3ESfU2j%2FZsYOdFdscbhmuzNkCUdNU7StTINnN0%2FqjKZUgxmCfa8rpXiFoujU0RoY4SsQFS2h%2FeRCfje3NNZgCJo6BO%2B1%2BVkiJmxxVYPbwL8iCWZRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69db568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/mavka-the-forest-song-2023.jpg?v=1

172.67.202.34

200 OK

41 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/mavka-the-forest-song-2023.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
41 kB (40750 bytes)
Hash
28b2c7142d7dad2a78eca3b76ef4ab62
b75476de765ce5ffc719d60795592cdeda54b995
5efecebf970d17f840497b8d7771b838124822ac867833f4425dd26046ac933a

HTTP Headers

GET /movies/poster/mavka-the-forest-song-2023.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 40750
last-modified: Fri, 30 Jun 2023 22:34:21 GMT
etag: "649f586d-9f2e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vA6fU4vC%2FOmAdPMbKApLrICUlVdVj2fvRV0sO1QXrAoaWOi%2F4zWpJS%2BxSMaEn060rZG6s%2BrsZKsunEf1xyNf1o1PqwLT95WYWY4UuHPH%2FlRRF2rfDbwOXkTvhVe8bHJjvPT9%2Fes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69e0568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot1.jpg

172.67.202.34

200 OK

33 kB

URL GET HTTP/3
en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot1.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x189, components 3
Size
33 kB (33177 bytes)
Hash
25b517c79dd274b35d5f950f5b42106b
30c90938fed80539072514864ab102e8dd2b7719
52191ad204377ea8885f27a7d8c228d4138accc78a508d685c4d584d894e70fe

HTTP Headers

GET /movies/screenshot/elemental-2023-medium-screenshot1.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 33177
last-modified: Mon, 14 Aug 2023 22:34:24 GMT
etag: "64daabf0-8199"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LhI3rUZz4eQXnDiFPWEcdllt%2Brg3fFm8yKU1oloqjPcGrqxLs%2BhWwDjU54UqrYEsm6VYJbYnlHlw4HnDCFOXzB8%2FBgisOcsUbw7jpNqWWz4zVKWr38pq4xmytk9kWRNl9BJGmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69e1568a-OSL
alt-svc: h3=":443"; ma=86400

vidsrc.to/embed/movie/tt15789038/

104.21.64.103

200 OK

5.5 kB

URL GET HTTP/2
vidsrc.to/embed/movie/tt15789038/
IP
104.21.64.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectvidsrc.to
Fingerprint1D:91:BF:0E:81:D2:1C:22:D3:9C:9C:8D:88:3E:B4:E5:E2:68:DE:FC
ValidityFri, 22 Mar 2024 12:30:27 GMT - Thu, 20 Jun 2024 12:30:26 GMT

File type
HTML document, ASCII text, with very long lines (4335)
Size
5.5 kB (5491 bytes)
Hash
980859bbe171018f56934650bd8e7725
abc1da256d11b4782a9790d6bc58143665472d59
5be65dbbd35ef39c11af4cedadb473a46a218954834c4ce46fb8b59c55bc23c6

HTTP Headers

GET /embed/movie/tt15789038/ HTTP/1.1
Host: vidsrc.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/html; charset=UTF-8
e-cache: HIT
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjvIf%2B29FJ2hJKVBB%2F7auPSBBxNwVmBYSZicmjxx%2Bk4W7iCVdEMvTDTjcGVTSGPRD2FKUGbXVv6fwX7%2Bj3Cc%2BGCeb9bJ4MZlCjlXjtwhZoYdwWCKJcf%2FfZcUCVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39eae55712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

24 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
24 kB (24110 bytes)
Hash
ce64284e90f48fa99df997846b50464b
9eea66d1b3ae0d250d30e94891d862ddfcb9a859
dfd43aab2cc421148bdcab5e9b84831d142d5097111dd1a1fe17df32153d6c81

HTTP Headers

GET /css?family=Arimo:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:00:03 GMT
date: Fri, 10 May 2024 18:00:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

142.250.74.131

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Size
20 kB (20040 bytes)
Hash
a61c670a24d6794a95a9712f0d12b656
c9b3114b27790109ec51508f51f1a033ccfe0812
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

HTTP Headers

GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:52:43 GMT
expires: Fri, 09 May 2025 01:52:43 GMT
cache-control: public, max-age=31536000
age: 144440
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/movies/poster/elemental-2023.jpg

172.67.202.34

200 OK

46 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/elemental-2023.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
46 kB (45800 bytes)
Hash
7b357f5312d4c4924a23e91effaf1a5e
dfe589dfc713063f5486b384754766373256b9d8
6c823cafaf9bbfcce3bbb16d8efdb2ce516e996d8a8c3e88f4b9d65414bddd05

HTTP Headers

GET /movies/poster/elemental-2023.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 45800
last-modified: Mon, 14 Aug 2023 22:34:24 GMT
etag: "64daabf0-b2e8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akYjiqMUJmKygEGFjm98xoldXdXVVM3m3N4DTydJltvIt8WxdS6OqZmAv58DJWpKo9YcJUdC5RnvtOmijtuAf1brNjatGmuoigI5NEn4cMnPn3rGENtbUu9T3hMGEhcaHmSAvsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e59c9568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/poster/miraculous-ladybug-cat-noir-the-movie-2023.jpg?v=1

172.67.202.34

200 OK

33 kB

URL GET HTTP/3
en.yts-official.mx/movies/poster/miraculous-ladybug-cat-noir-the-movie-2023.jpg?v=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 230x345, components 3
Size
33 kB (32662 bytes)
Hash
7cba6d807e67255b741db2fd98e2ab7b
f366e3995dbfaf9f264fe7bdd597426eb70d5e64
01c56c607debb0d055b30643604ec850dafca8e7584401ec9cce77f1c3899d75

HTTP Headers

GET /movies/poster/miraculous-ladybug-cat-noir-the-movie-2023.jpg?v=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 32662
last-modified: Sun, 29 Oct 2023 22:32:51 GMT
etag: "653edd93-7f96"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=588wHT0xRAsTr1%2BWOkAfSV7fTtNxWxLA3xw2G7jzpVNrIOInBoKtMUd5wH6o%2Bcjfxk31okOoqvT4wBrQeE6ItZroI%2FzMDOPN2T6hMWr%2FL01T44b94IcpNuzP4%2F1QrRE2aONUCDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69d1568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot2.jpg

172.67.202.34

200 OK

37 kB

URL GET HTTP/3
en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot2.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x189, components 3
Size
37 kB (37079 bytes)
Hash
1f3dfe61b9bfe3e8352527e7a8d28b04
51139e47641897875ded77e7284186a7d955a94d
bbc7a028f37464d237b613ecb5decc21ca35ef2711edd75f57c0159c056fa1bf

HTTP Headers

GET /movies/screenshot/elemental-2023-medium-screenshot2.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 37079
last-modified: Mon, 14 Aug 2023 22:34:24 GMT
etag: "64daabf0-90d7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3E9%2Bwv7HVN4kJzfXkz347SL4%2Bqh5%2BeC0btLotw3svXcr6ELfya%2Fp7hPQ7iiKyiiSbeReUXkjj3RKvbwMPyqw7FqvjfwxJbqA%2BuPw1q5RDJjYpEnYZXcTL3HrYfBCfDZcyb6jd3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69e2568a-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

142.250.74.131

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Size
20 kB (20040 bytes)
Hash
a61c670a24d6794a95a9712f0d12b656
c9b3114b27790109ec51508f51f1a033ccfe0812
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

HTTP Headers

GET /s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:52:43 GMT
expires: Fri, 09 May 2025 01:52:43 GMT
cache-control: public, max-age=31536000
age: 144440
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot3.jpg

172.67.202.34

200 OK

33 kB

URL GET HTTP/3
en.yts-official.mx/movies/screenshot/elemental-2023-medium-screenshot3.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x189, components 3
Size
33 kB (33172 bytes)
Hash
ce6f7d9a131963331cc489f97d215adb
219a7108613afb8b532374f3b2e94f5a937f77df
6451cb499db4baf55d882abca987ec05c2a0e55e159a0197d814977a98f71b95

HTTP Headers

GET /movies/screenshot/elemental-2023-medium-screenshot3.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/jpeg
content-length: 33172
last-modified: Mon, 14 Aug 2023 22:34:25 GMT
etag: "64daabf1-8194"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxJIglzwYYn531wamrgcWAtI9z52ij1O9buuk%2B9H%2FmRADSDhIDic5X0aYOgNk6HAczCuu8MWhLvxS7k2oxlHIAZgr2vKeZ5ijd%2BzyouA0qW6G1cn%2BVxWdGoPC1gWML%2BaqtdTUes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e69ed568a-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52276)
Size
19 kB (18752 bytes)
Hash
ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 235966
expires: Wed, 30 Apr 2025 18:00:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yqaj4Fr%2B7r%2Fxo%2FpG1EsPfGTrKsF3GiIWr6airFV4wphIdnUvFgmj4sMTQvCKk4eRSDIc3ryp1qNIPXfBfxEF9sBnKyMiZRFbppmw6XO0aa9GbrSSBvKwhbaVAhvdd%2FgmSfButBbi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881bd3a0df60b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 171645
expires: Wed, 30 Apr 2025 18:00:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdpDMFk3Lq%2F0DCfJZk2LG0TtV8DsrDuy04E0FaEqzIaCV1%2BUfm5EUYUpfl5nEX90JmemaN1TvGLJPGNO9dCw%2FRtrSuiOOMPv3EBCl9sVjGdAEA0dWnPSdMIg7el8t5sLuhf6GXyB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881bd3a0df66b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2

142.250.74.131

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22052, version 1.0
Size
22 kB (22052 bytes)
Hash
f0e48ce2beda9e8cbd7d915bf1b1ae71
3dc1cfff1759b0959cc7fb17517651ec850d584d
b2504b3c20c2feb37e78773b788dd09a9cc43c9f36086bc1e2f83a6366ebaa34

HTTP Headers

GET /s/arimo/v29/P5sCzZCDf9_T_10c9CNkiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 16:38:14 GMT
expires: Fri, 09 May 2025 16:38:14 GMT
cache-control: public, max-age=31536000
age: 91309
last-modified: Thu, 14 Sep 2023 00:00:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.bundle.min.js

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.bundle.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
19 kB (19448 bytes)
Hash
a0805bca912ec901f2a7096228b62d46
3233fd01d87fba457eaad8dcbc289f75b170f814
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

HTTP Headers

GET /ajax/libs/bootstrap/4.6.2/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 19448
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62d72277-4bf8"
last-modified: Tue, 19 Jul 2022 21:30:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 224086
expires: Wed, 30 Apr 2025 18:00:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYSoblKF2FFkocYtaUY4OHgKaA0ULv2hfsB78%2B%2BZPqYx37Nz4Y5TD68vAiq2a3cyqL4sjpgJZTE9OeXvSGcyl6yCRhgKa2mM9gSt1UvHlz5gueNjN6vtNNiCBLGpWVm%2FyPhxy7ze"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881bd3a15805b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/images/website/1080p-quality.svg

172.67.202.34

200 OK

9.6 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/1080p-quality.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
9.6 kB (9611 bytes)
Hash
634e5a7bc26a159347b0467a54722675
579c580fb208d3b38725dc4a14d1dc52dea203fc
42e51d1c340334256885e2518dddfe787bc86afafa7f91bc9074f5a01ab41ff9

HTTP Headers

GET /static/yts/images/website/1080p-quality.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-b77"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ds652vpZNNMIAZjPoTjxQdiUEbGmkYUwCtz6gouOVI9HU%2BJTbTtTVC1HoMrrTPnTvefvWWMh0SswHM3qLqnh1xEO%2BRa7%2Fw9xOf5XyhHeetlhdAlhj8c9eA%2BRC6R3XwglM7pDWCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fcc43568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

150 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size
150 kB (150124 bytes)
Hash
c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidsrc.to
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 170256
expires: Wed, 30 Apr 2025 18:00:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PenAJcz1U%2BODzPL9T82%2F7FfYLcB8vnYeedP82IM7K3yelpRUgsShkw4WF1tU041GPHaZ4BSd0nSzUWrGyaFK89p%2FnA%2FIel0t9oRTwMcR%2B1nThiVR8%2FI8aSBmsrhtAH7%2Fewm4YQLN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881bd3a1681cb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/movies/cover/elemental-2023.jpg

172.67.202.34

200 OK

68 kB

URL GET HTTP/3
en.yts-official.mx/movies/cover/elemental-2023.jpg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 896x484, components 3
Size
68 kB (67620 bytes)
Hash
0af7f27c58110fe09ff7d45c1fb10636
6d66dbc667ada07bcb8bc76e179759b0f8f2f60f
c6f1163321df355f2cab55bccfcc46c9a76676836fd9fd825e4dc5dea5893099

HTTP Headers

GET /movies/cover/elemental-2023.jpg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: image/jpeg
content-length: 67620
last-modified: Mon, 14 Aug 2023 22:34:24 GMT
etag: "64daabf0-10824"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iz8jz%2Bu5dwN98hIbPTj%2FBm2JawYDoIZGRZrAt8Za970uQGVt4bPTFNUesp2mVhtO3oOliHchJ6Ct%2BYaTlWQgoVpcIIxj4pqU%2FKeezG75%2FbPVR%2F6f8ft7Hxu6Bu%2BFhEIguGQ4jgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fcc3f568a-OSL
alt-svc: h3=":443"; ma=86400

cawadversityinheritance.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js

172.240.108.84

200 OK

28 kB

URL GET HTTP/1.1
cawadversityinheritance.com/b1/27/0e/b1270e96b85c3dd200807d09a940c676.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcawadversityinheritance.com
Fingerprint98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9
ValidityTue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28354 bytes)
Hash
9f442f866bb9a627f609dfb769040ea4
693823a2f060ee918f6def12cead88f579ccb9d7
6a711e2d117bdf545fb4e88d213c1f55c5c3cdd1c9fec4c144c8ec0998f8bb2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b1/27/0e/b1270e96b85c3dd200807d09a940c676.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1023cb4a952979c026ea11fc735c9e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cawadversityinheritance.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js

172.240.108.84

200 OK

16 kB

URL GET HTTP/1.1
cawadversityinheritance.com/0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcawadversityinheritance.com
Fingerprint98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9
ValidityTue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT

File type
JavaScript source, ASCII text, with very long lines (44044), with no line terminators
Size
16 kB (15792 bytes)
Hash
34b2f702e5311404123a8868f3b6616b
0b101c89dd7790f174d20dda12eedd097297c7b8
5431900c74263ef49bab589429ba4d5ab8dff7d0b17f38c0013af0becc59a67b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0a/2f/9b/0a2f9bfefa2d59b6782f748beec9f30e.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3deedf25ac66fef7e564a30e507b8014
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f7a3aabaedd5c95463e85c2d7682d410
715b2bd7dd959bb3423d71b22c43302b7a18a3a5
55ab8ca84eb2c090ff2a4eb9ebc48ce053c3f38261d66bded94f03719a384335

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 18:00:04 GMT
Last-Modified: Fri, 10 May 2024 16:43:57 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vo_f7YYyR6Is8oPK1MXD-8HvVpB0GsPTlV7GmYUU_NMbTZ7-gX_vfg==
Age: 4567

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f7a3aabaedd5c95463e85c2d7682d410
715b2bd7dd959bb3423d71b22c43302b7a18a3a5
55ab8ca84eb2c090ff2a4eb9ebc48ce053c3f38261d66bded94f03719a384335

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 18:00:04 GMT
Last-Modified: Fri, 10 May 2024 16:50:25 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SWaEgLoH6HTK6lXvOod8UlrFv0g8vJsNH6Zeo1ckIclGYtBEn7we7A==
Age: 4179

proftrafficcounter.com/stats

3.124.83.201

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.83.201:443
ASN
#16509 AMAZON-02

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1a73a27601c157edf286dbf8cc79093e
59ba7d4050aa45c5abba5fa704642626276b1785
82597befc313514649191d5746ed8c96693f759408e91988c9b67bcbfd84d7f3

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; expires=Mon, 08 May 2034 18:00:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.124.83.201

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.83.201:443
ASN
#16509 AMAZON-02

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4527ee144b1a657054bf53f1ebcaea32
414bb3ee3520d23619519bc6b8896a7f2ee5e453
7e8eca0757245a1f14de704da2e1a22c735f59f44591dce85751fa5500681bde

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://en.yts-official.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=522a3937-4997-4440-8d1f-badd467aa082:1:1; expires=Mon, 08 May 2034 18:00:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/style/minified.css

172.67.202.34

200 OK

32 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/style/minified.css
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
gzip compressed data, from Unix
Size
32 kB (31702 bytes)
Hash
e50cc3bdd60d8aa9b2482644749c8236
06d230a2d70d4532039a6c1791713ea9d53af5e3
e96f1192ccf34ce697963eb0aeeeb343b36dc71b5da9e2b85c6c1cf974ab2554

HTTP Headers

GET /static/yts/style/minified.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 08:38:28 GMT
vary: Accept-Encoding
etag: W/"65d31384-1d423"
expires: Fri, 10 May 2024 20:33:50 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 33973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KWSikCwzQM3H8sqpC2ZGEwmGMxKFbuZv3sDKHKLCpyMbb4FmkzY4bPfzd%2FXUlctanZrL91RoCQFteOxHMYpLAkXLAquKsVbCaggYtE3RGcG5baSdWQufQwTon8vj%2B0HV6AJfMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39e59ba568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/image/favicon-16x16.png

172.67.202.34

200 OK

619 B

URL GET HTTP/3
en.yts-official.mx/static/yts/image/favicon-16x16.png
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
619 B (619 bytes)
Hash
ea830fdd4f9a6d19aa7455dabdac987a
b0d567d6b4d40959e1bd44032f6bc2331057b319
71148160c085a70d1af7708c1d52cfcf39f8ef6e4ce13f0f20c080b2e19195db

HTTP Headers

GET /static/yts/image/favicon-16x16.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=522a3937-4997-4440-8d1f-badd467aa082%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: image/png
content-length: 619
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-26b"
expires: Sat, 08 Jun 2024 09:23:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 117396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0E42DABveKyNDd2wkdbTvFQ4oZW6IvQiMX2ONUNIkGDMyjs1R8DSqXZSNNcw1WMIdyR2rvY1Czi8WuoYY8b%2BzWJ0NLyWjzjVCqdr6ff72yDdMhQgknCMhHCPk%2FVYmFZ6OZCzGjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a71e25568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png

172.67.202.34

200 OK

7.0 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/apple-touch-icon-180x180.png
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced
Size
7.0 kB (6973 bytes)
Hash
f87afcf11d459620ff02da6112365db2
d09e6d4e7db706569474bfb7ec93f31ccbd6ed69
a70913fad67537f16d871e4c456c8f4484106f6d4ef3e12fa3c3b2eceefee508

HTTP Headers

GET /static/yts/image/apple-touch-icon-180x180.png HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=522a3937-4997-4440-8d1f-badd467aa082%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: image/png
content-length: 6973
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: "65d33152-1b3d"
expires: Sat, 08 Jun 2024 09:41:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 116294
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxDRlGcrDsPuKrAf4Boyvkb57SUSxHiWoBI4Y3wTQFIkdqQyUgRNacjxchGC6OGS80UW6IEWtzAR2hThnaLXtuOWgb5ZWhZ52bKuM5l5duZeYijZCRTwn2n8U8m%2B%2FoxTym2jpO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a71e23568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/movies/elemental-2023/

172.67.202.34

200 OK

10 kB

URL GET HTTP/3
en.yts-official.mx/movies/elemental-2023/
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
HTML document, ASCII text, with very long lines (2261), with CRLF line terminators
Size
10 kB (10511 bytes)
Hash
447c51b97af852b67d5c26828b0438c1
b5c24f4d402db311643edc06de4fcfe20fda27d7
5a912b9c664461d5c66d3729c03ed8789d81ddaf7ec1d55dab25eef1dcba2568

HTTP Headers

GET /movies/elemental-2023/ HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BD3ydvsMSYHnrBDQn%2B%2FT%2B5jjrJ0lST5ceL9bzHx8pHPUWQfui9XdX9nl%2FqEQZ9yoOYHXgoVegqzaTdFVM08j1EXaUDU%2FS6KqJbJk0d8%2BfbqvrtiOt8YIRM7L3q1j1p5ubUVCSc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd3a42a70568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/images/website/icon-search.svg

172.67.202.34

200 OK

4.9 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/icon-search.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
4.9 kB (4885 bytes)
Hash
10c10634d2bb0228cd4d4e884613abb1
bdb85d8d0c1d13f0170cffe097c34c0b2f88ba03
1d3766a87712c953b7768cd1ffe2146e07e9bd555cd894c9eb0bdda6c0e6baf6

HTTP Headers

GET /static/yts/images/website/icon-search.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-37e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RFFo84ZMtCBUxJMQX4exJhL8f2yCXazYWAriSK7hLnYg5%2FWvOzUKBq8giyDtNs1wiLuOF%2BkZw7fNL9CDrUL9lCUj56EX5mWj9CuFbzOjJstOU48zf1mEEbphHI%2BdiDeb0QKFcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fcc3d568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

28 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27964 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: aa3e11d4fb4a98ec64298009122858da
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 18:00:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ttwg4nEjBAul3KhVu9NFVNluKZQ0cUEQvA%2BH3d3Sn1EC3br4fiw4cRfRDLq9rqhVrugi4CL39laUcjPPNRSY2PJuLUVMUU8a3qSoYpwfSFp7qSA1vLvHAabWa6qiC4MEFSfMxp6CxYiz%2B1oKQw4Lqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a44b365691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:00:05 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af5d62a0dc225b7894bbc9159bbac9ee
Strict-Transport-Security: max-age=0; includeSubdomains

customarydesolate.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=328bd9b7-3c50-4d49-825c-9aed08383024%3A3%3A1

172.240.108.68

200 OK

8.3 kB

URL GET HTTP/1.1
customarydesolate.com/sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=328bd9b7-3c50-4d49-825c-9aed08383024%3A3%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type
JSON text data
Size
8.3 kB (8348 bytes)
Hash
b9119bc770c0cb538df87083bd8e3a45
06786397d3078d5dc9bb53667caf2596c7359ad6
4e4bc988e719d1780e8c1cd29a6e87c7935bb5e7747a9d6346d403624c2ae82f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=0a2f9bfefa2d59b6782f748beec9f30e&uuid=328bd9b7-3c50-4d49-825c-9aed08383024%3A3%3A1 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://en.yts-official.mx
Access-Control-Allow-Origin: https://en.yts-official.mx
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16587847; expires=Sat, 11 May 2024 18:00:05 GMT; secure; SameSite=None
uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; expires=Fri, 17 May 2024 18:00:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:00:05 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:00:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 18:00:05 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 18:00:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f88a534cc7c8db818d7ee1e7c69c963d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

customarydesolate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWl1VfWkTE1XU9U1PckpuCB7HL147XyTbFAX2b0KLtJZ8BAQMp5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx%2B4CxLC0fPV9%2FWeVIouN6p%2B5epHQXCtsiETN6gM2s2Pm%2FVrFdN%2Fo9Os%2Bq9Vbgi2o5dDP%2FD9wA8qa9KIWA%2BWJyBk%2BqATVDt%2BtR5Wg0YdA%2FP%2F3joPlnrg%2FQvyAiQfLz7xLkOyEknv4aqwO5lOX3%2Bn5xTNtEGfH3%2BQ7CQ6T9Cbl7HxECfHMza0PVt7DJ0cTeVC9%2F8lRnJMvJ8eI0qOZyIR9Q%2BnOiMFkSDizyLvlxCqhKQlmL4Lyc8IwDhubiLp3b%2BpTU53%2F0HpBB2Txad%2FQOZjsvjrZSS971aUHFRua%2BUyqROLQVxADkrIbonUnSDbW4DMT8CyzyD5z2T56QaS3uGmVRqSn79aC9sR70StpRpr%2BEt1Xu8stcMGW%2BpQwf12rV3zw%2FrUIClLyLiEEkNQewnOenDSg4s9uNRDj59XWBAELZ8z6rc7jNV4S0RN7ge0FQc08JttODZ5wxBZOgRTQzCzj9TsY0d%2BcdZ4F8b9CLtdwHIPNiPo8wK5IMgtQU4JckmQZwR5vzjiyoa2uM%2BVdVEwy%2BEs14qRzroH9EhnXZEQUDOE4cVBekGen3r458s3sCPOKz4N404Ui5iGvNGJmq12GLfq7UgI1olrvoCVBaRdALUe9uSYvLT%2BIlI5Js989RciegKrTsCkB%2BpeAc0L0O0Ce8nxbmarOhHgukCaLSLb9Q7UBbkyvXx98xEEO73%2BW20aYKZAagp8Kp8QdNW90S2dk8NbOrfk0WaayZ7co5PPvZ3RTFz65j2xm2vD11ft8Ou32ASYlA%2FuCJtt0ITLpGvJtyuSc2HWtGGC%2FLBuPxTRlrPbK84kLt3YenttvZcaYa3USQk6mdPfDZgck%2Beu3JnO7dXvtyBNCeMK9NwpmQWkLsHSfdh0rt9qAqPmnCj1kLtiZMJovqkkgRLznkYF7H%2F6aF6PDJ2cprI4sPfQNQug2V0kvQJ9U6CvClA1hHWXRllqTq%2F%2FMpMRqYVRpMzCYaSM%2BnJq82R5CCvPK61azafNTiNotahoRfWwHTcDTmlYb4bNJq0hs%2BP4zU%2BO%2FgYAAP%2F%2FAQAA%2F%2F%2Fzom1ikQQAAA%3D%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
customarydesolate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWl1VfWkTE1XU9U1PckpuCB7HL147XyTbFAX2b0KLtJZ8BAQMp5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx%2B4CxLC0fPV9%2FWeVIouN6p%2B5epHQXCtsiETN6gM2s2Pm%2FVrFdN%2Fo9Os%2Bq9Vbgi2o5dDP%2FD9wA8qa9KIWA%2BWJyBk%2BqATVDt%2BtR5Wg0YdA%2FP%2F3joPlnrg%2FQvyAiQfLz7xLkOyEknv4aqwO5lOX3%2Bn5xTNtEGfH3%2BQ7CQ6T9Cbl7HxECfHMza0PVt7DJ0cTeVC9%2F8lRnJMvJ8eI0qOZyIR9Q%2BnOiMFkSDizyLvlxCqhKQlmL4Lyc8IwDhubiLp3b%2BpTU53%2F0HpBB2Txad%2FQOZjsvjrZSS971aUHFRua%2BUyqROLQVxADkrIbonUnSDbW4DMT8CyzyD5z2T56QaS3uGmVRqSn79aC9sR70StpRpr%2BEt1Xu8stcMGW%2BpQwf12rV3zw%2FrUIClLyLiEEkNQewnOenDSg4s9uNRDj59XWBAELZ8z6rc7jNV4S0RN7ge0FQc08JttODZ5wxBZOgRTQzCzj9TsY0d%2BcdZ4F8b9CLtdwHIPNiPo8wK5IMgtQU4JckmQZwR5vzjiyoa2uM%2BVdVEwy%2BEs14qRzroH9EhnXZEQUDOE4cVBekGen3r458s3sCPOKz4N404Ui5iGvNGJmq12GLfq7UgI1olrvoCVBaRdALUe9uSYvLT%2BIlI5Js989RciegKrTsCkB%2BpeAc0L0O0Ce8nxbmarOhHgukCaLSLb9Q7UBbkyvXx98xEEO73%2BW20aYKZAagp8Kp8QdNW90S2dk8NbOrfk0WaayZ7co5PPvZ3RTFz65j2xm2vD11ft8Ou32ASYlA%2FuCJtt0ITLpGvJtyuSc2HWtGGC%2FLBuPxTRlrPbK84kLt3YenttvZcaYa3USQk6mdPfDZgck%2Beu3JnO7dXvtyBNCeMK9NwpmQWkLsHSfdh0rt9qAqPmnCj1kLtiZMJovqkkgRLznkYF7H%2F6aF6PDJ2cprI4sPfQNQug2V0kvQJ9U6CvClA1hHWXRllqTq%2F%2FMpMRqYVRpMzCYaSM%2BnJq82R5CCvPK61azafNTiNotahoRfWwHTcDTmlYb4bNJq0hs%2BP4zU%2BO%2FgYAAP%2F%2FAQAA%2F%2F%2Fzom1ikQQAAA%3D%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWl1VfWkTE1XU9U1PckpuCB7HL147XyTbFAX2b0KLtJZ8BAQMp5yMBf%2FA4W9KTLj4Og71Huvvq%2Bor756nx%2B4CxLC0fPV9%2FWeVIouN6p%2B5epHQXCtsiETN6gM2s2Pm%2FVrFdN%2Fo9Os%2Bq9Vbgi2o5dDP%2FD9wA8qa9KIWA%2BWJyBk%2BqATVDt%2BtR5Wg0YdA%2FP%2F3joPlnrg%2FQvyAiQfLz7xLkOyEknv4aqwO5lOX3%2Bn5xTNtEGfH3%2BQ7CQ6T9Cbl7HxECfHMza0PVt7DJ0cTeVC9%2F8lRnJMvJ8eI0qOZyIR9Q%2BnOiMFkSDizyLvlxCqhKQlmL4Lyc8IwDhubiLp3b%2BpTU53%2F0HpBB2Txad%2FQOZjsvjrZSS971aUHFRua%2BUyqROLQVxADkrIbonUnSDbW4DMT8CyzyD5z2T56QaS3uGmVRqSn79aC9sR70StpRpr%2BEt1Xu8stcMGW%2BpQwf12rV3zw%2FrUIClLyLiEEkNQewnOenDSg4s9uNRDj59XWBAELZ8z6rc7jNV4S0RN7ge0FQc08JttODZ5wxBZOgRTQzCzj9TsY0d%2BcdZ4F8b9CLtdwHIPNiPo8wK5IMgtQU4JckmQZwR5vzjiyoa2uM%2BVdVEwy%2BEs14qRzroH9EhnXZEQUDOE4cVBekGen3r458s3sCPOKz4N404Ui5iGvNGJmq12GLfq7UgI1olrvoCVBaRdALUe9uSYvLT%2BIlI5Js989RciegKrTsCkB%2BpeAc0L0O0Ce8nxbmarOhHgukCaLSLb9Q7UBbkyvXx98xEEO73%2BW20aYKZAagp8Kp8QdNW90S2dk8NbOrfk0WaayZ7co5PPvZ3RTFz65j2xm2vD11ft8Ou32ASYlA%2FuCJtt0ITLpGvJtyuSc2HWtGGC%2FLBuPxTRlrPbK84kLt3YenttvZcaYa3USQk6mdPfDZgck%2Beu3JnO7dXvtyBNCeMK9NwpmQWkLsHSfdh0rt9qAqPmnCj1kLtiZMJovqkkgRLznkYF7H%2F6aF6PDJ2cprI4sPfQNQug2V0kvQJ9U6CvClA1hHWXRllqTq%2F%2FMpMRqYVRpMzCYaSM%2BnJq82R5CCvPK61azafNTiNotahoRfWwHTcDTmlYb4bNJq0hs%2BP4zU%2BO%2FgYAAP%2F%2FAQAA%2F%2F%2Fzom1ikQQAAA%3D%3D HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a68e54cfa179cef278c42e0b1a8623bb
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
gzip compressed data, from Unix
Size
1.6 kB (1590 bytes)
Hash
4c0afbb90e727db995b238a3e207516c
26ab837b22dccc4431be93141786687cc46f8196
1ad7569a3d58146c93703b92e681a47d472f194343cfff31c78bdc2897d7e7fe

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 216361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zgq0xUzR10sCMiClFC1SJAUwlxzpHwpkquL8njQFQ4QPeISqgA8iRROiqZtxlkuYOo9IxRYrIRZfAGgTgwlR21dPD7iWJeW3YJUaI3jcV5GWZhIB3iR1wnB%2F4BvHdmtosyQU4CMBxyIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3acae2c56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=107

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=107
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=107 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=83

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=83
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=83 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png

45.133.44.9

200 OK

16 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
16 kB (16093 bytes)
Hash
14cf262fabfd850855c42847d14fe775
2fafa28f167f018a0fb1f261f47380c8810803c9
972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af

HTTP Headers

GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:06 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Sun, 12 May 2024 18:00:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=18

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=18
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=18 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=82

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=82
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=82 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

customarydesolate.com/pixel/sbs?c=1

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/sbs?c=1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

customarydesolate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWn96kmZmq6mqnt6klNwQfY4evHa%2BSbZoC6yexVcpLPgISBkPOVgLv4HCntTZMbB0Xeo9159X1FfffU%2BP8guSIiMnq%2B%2Bb%2FaU1nS5UfUrVz8KgmuVDRVng8qg3fy4Wb9Wsf03Os2q%2F1rlhuQ7Zjn0A98P%2FKCypqyMzGB5AkIlDzpBteNX62E1aNQxsP%2FvXebBUQ%2Bif0FegBLjxSfeZSheIu49XJVuJzXJ6%2B%2F0Mk1TY9EXxx%2FEO7HJY%2FTmZWQ9RPHxjA3jztYew8RHU7kw%2FX%2BJTI2J99NjsPh4JhKsfzjVyTRkDCaeRd4vIXUJRUtwcxdKnBGAC9zcRNy7f9PYnO7%2Bg9IJOiaLT%2F%2BAysdk8dfLiHvfrWg1qNw2OkuViR0GUQE1KKG6JZLsBOneAlR%2BAp5%2BBiV%2BJstPNxD3DjedNlDi%2FNVa2Gaiw1pLNd7wl%2Bqi3llqhw2%2B1KFS%2BO1au%2BaH9alBSpVQUQkth6DuEjLnIVMesshDlnjoifMKD4Kg5QtO%2FXaH85poSdYUfkBbUUADv9lGxidvGCJNhuB6CG73kdh97KgvzhrvwmY%2Fwm0XcMKDSwn6okAuCXJHkFOCXBHkKUHeL46EdqEr7gvtMhbMcjjLtWJk0u4BPTJpV8YE1A5hRXGQXJDnpx7%2B%2BfIN7Mjzik%2FDqMMiGdFQNDqs2WqHUaveZlLyTlTzJZwqoNwCqPOwp8bkpfUXkagxeearv8DoCZw%2BAVceaPYKaF6AbhfYi493U1c1sYQwBZJ0Eemud6AvyJXp5eubjyD56fXfatMAtwUSW%2BBT9YSgq%2B%2BNbpmcHN4yuSOPNpNU9dQenXzu7ZSm8tI378nd3FixvuqGX7%2FFJ8CkfHBHunSDxkLFXUe%2BXVFCSLtmLJfkh3X3oWRbmdteyWycJRtbb6%2Bt9xIrnVMmLkEnc%2Fq7BVdj8tyVO9O5vfr9FpQtYbMCveyUzALKlODJPlwy1%2B8MgdVzDks85FkxsiGbb2pFoOW8p6yA%2B0%2FP5vXI0slpqooDdw9duwCa3kXcK9C3Bfq6ANVDuOzSKE3s6fVfZjKYXhgxbRcOmbb6y6nNk%2BUhnDqv1HzRYjKSLSbrjXokuWCNBvN5xFlNtNscqRtHb35y9DcAAAD%2F%2FwEAAP%2F%2Fc3a4ipEEAAA%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
customarydesolate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWn96kmZmq6mqnt6klNwQfY4evHa%2BSbZoC6yexVcpLPgISBkPOVgLv4HCntTZMbB0Xeo9159X1FfffU%2BP8guSIiMnq%2B%2Bb%2FaU1nS5UfUrVz8KgmuVDRVng8qg3fy4Wb9Wsf03Os2q%2F1rlhuQ7Zjn0A98P%2FKCypqyMzGB5AkIlDzpBteNX62E1aNQxsP%2FvXebBUQ%2Bif0FegBLjxSfeZSheIu49XJVuJzXJ6%2B%2F0Mk1TY9EXxx%2FEO7HJY%2FTmZWQ9RPHxjA3jztYew8RHU7kw%2FX%2BJTI2J99NjsPh4JhKsfzjVyTRkDCaeRd4vIXUJRUtwcxdKnBGAC9zcRNy7f9PYnO7%2Bg9IJOiaLT%2F%2BAysdk8dfLiHvfrWg1qNw2OkuViR0GUQE1KKG6JZLsBOneAlR%2BAp5%2BBiV%2BJstPNxD3DjedNlDi%2FNVa2Gaiw1pLNd7wl%2Bqi3llqhw2%2B1KFS%2BO1au%2BaH9alBSpVQUQkth6DuEjLnIVMesshDlnjoifMKD4Kg5QtO%2FXaH85poSdYUfkBbUUADv9lGxidvGCJNhuB6CG73kdh97KgvzhrvwmY%2Fwm0XcMKDSwn6okAuCXJHkFOCXBHkKUHeL46EdqEr7gvtMhbMcjjLtWJk0u4BPTJpV8YE1A5hRXGQXJDnpx7%2B%2BfIN7Mjzik%2FDqMMiGdFQNDqs2WqHUaveZlLyTlTzJZwqoNwCqPOwp8bkpfUXkagxeearv8DoCZw%2BAVceaPYKaF6AbhfYi493U1c1sYQwBZJ0Eemud6AvyJXp5eubjyD56fXfatMAtwUSW%2BBT9YSgq%2B%2BNbpmcHN4yuSOPNpNU9dQenXzu7ZSm8tI378nd3FixvuqGX7%2FFJ8CkfHBHunSDxkLFXUe%2BXVFCSLtmLJfkh3X3oWRbmdteyWycJRtbb6%2Bt9xIrnVMmLkEnc%2Fq7BVdj8tyVO9O5vfr9FpQtYbMCveyUzALKlODJPlwy1%2B8MgdVzDks85FkxsiGbb2pFoOW8p6yA%2B0%2FP5vXI0slpqooDdw9duwCa3kXcK9C3Bfq6ANVDuOzSKE3s6fVfZjKYXhgxbRcOmbb6y6nNk%2BUhnDqv1HzRYjKSLSbrjXokuWCNBvN5xFlNtNscqRtHb35y9DcAAAD%2F%2FwEAAP%2F%2Fc3a4ipEEAAA%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzsaTICh7UFZhDh5WMJPunt8uuBhjlmjchN0VvWn96kmZmq6mqnt6klNwQfY4evHa%2BSbZoC6yexVcpLPgISBkPOVgLv4HCntTZMbB0Xeo9159X1FfffU%2BP8guSIiMnq%2B%2Bb%2FaU1nS5UfUrVz8KgmuVDRVng8qg3fy4Wb9Wsf03Os2q%2F1rlhuQ7Zjn0A98P%2FKCypqyMzGB5AkIlDzpBteNX62E1aNQxsP%2FvXebBUQ%2Bif0FegBLjxSfeZSheIu49XJVuJzXJ6%2B%2F0Mk1TY9EXxx%2FEO7HJY%2FTmZWQ9RPHxjA3jztYew8RHU7kw%2FX%2BJTI2J99NjsPh4JhKsfzjVyTRkDCaeRd4vIXUJRUtwcxdKnBGAC9zcRNy7f9PYnO7%2Bg9IJOiaLT%2F%2BAysdk8dfLiHvfrWg1qNw2OkuViR0GUQE1KKG6JZLsBOneAlR%2BAp5%2BBiV%2BJstPNxD3DjedNlDi%2FNVa2Gaiw1pLNd7wl%2Bqi3llqhw2%2B1KFS%2BO1au%2BaH9alBSpVQUQkth6DuEjLnIVMesshDlnjoifMKD4Kg5QtO%2FXaH85poSdYUfkBbUUADv9lGxidvGCJNhuB6CG73kdh97KgvzhrvwmY%2Fwm0XcMKDSwn6okAuCXJHkFOCXBHkKUHeL46EdqEr7gvtMhbMcjjLtWJk0u4BPTJpV8YE1A5hRXGQXJDnpx7%2B%2BfIN7Mjzik%2FDqMMiGdFQNDqs2WqHUaveZlLyTlTzJZwqoNwCqPOwp8bkpfUXkagxeearv8DoCZw%2BAVceaPYKaF6AbhfYi493U1c1sYQwBZJ0Eemud6AvyJXp5eubjyD56fXfatMAtwUSW%2BBT9YSgq%2B%2BNbpmcHN4yuSOPNpNU9dQenXzu7ZSm8tI378nd3FixvuqGX7%2FFJ8CkfHBHunSDxkLFXUe%2BXVFCSLtmLJfkh3X3oWRbmdteyWycJRtbb6%2Bt9xIrnVMmLkEnc%2Fq7BVdj8tyVO9O5vfr9FpQtYbMCveyUzALKlODJPlwy1%2B8MgdVzDks85FkxsiGbb2pFoOW8p6yA%2B0%2FP5vXI0slpqooDdw9duwCa3kXcK9C3Bfq6ANVDuOzSKE3s6fVfZjKYXhgxbRcOmbb6y6nNk%2BUhnDqv1HzRYjKSLSbrjXokuWCNBvN5xFlNtNscqRtHb35y9DcAAAD%2F%2FwEAAP%2F%2Fc3a4ipEEAAA%3D HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Cookie: u_pl=16587847; uid_id2=328bd9b7-3c50-4d49-825c-9aed08383024:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:00:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c88335a2bb3be9f5b4e518892df63ea
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 42707
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

17 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
17 kB (16577 bytes)
Hash
1298b8a71ffc95bcd8c12a4edf7cded3
fa6baae683b44f80e732c480ed53da6e3bef71b0
ae4befdaeb4f3dd4bd9879a4a54b7fc89398167e571d04f7658967edcb338cb3

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:00:05 GMT
date: Fri, 10 May 2024 18:00:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

en.yts-official.mx/static/yts/images/website/720p-quality.svg

172.67.202.34

200 OK

9.1 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/720p-quality.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
9.1 kB (9116 bytes)
Hash
5aeb94417ec4ea45df9073b018e55c37
d4e0e83ab37437aa33dcd7a1c9a0e45527eb3792
e45d8d73fe1d94b36bc4296363ecb3eb37de6c5c2201962fda5a8ed38f005f7c

HTTP Headers

GET /static/yts/images/website/720p-quality.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-8e1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MC4dG1ph9IrL4KaOHOOSaIqM5naqVbOWza4icmkYl22gxptw%2FHAD9ZP0r5xZzrJPWVQefoAxx5I8H1zEGJ%2FG%2FJNivWbzw%2BFEYzu%2BdBSVa1M6le41HDTsVrfxcsGtUb9i%2BvUkiQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fdc5e568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/fonts/glyphicons-halflings-regular.woff

172.67.202.34

200 OK

23 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/fonts/glyphicons-halflings-regular.woff
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
Web Open Font Format, TrueType, length 23320, version 1.0
Size
23 kB (23320 bytes)
Hash
68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

HTTP Headers

GET /static/yts/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: font/woff
content-length: 23320
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: "65d2c88f-5b18"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5790
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u8lhjTVX%2FJL%2FuFZ3FtnJRyO5CY87vBElYquROnd6YCNLCLn1yqmWGLeFqza74JNwfzRrRX%2Bly38d3YZBoxmlMoDAbOhvoOkxY7TMdT9FJ2X1VbTdRsaRV6BcMXRdenTV31FaVeo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a01cee568a-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js

188.114.96.1

200 OK

962 B

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (1015), with no line terminators
Size
962 B (962 bytes)
Hash
88523e22d10f0cbad31aa1d8276764fa
9238cd9499e01abdbeb33e68c550d26cfb6eaba5
d553390acb639c765cb6aaa4fbb72529e4005227d190f53108aec87ccec411c2

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 862674
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQZ0Pqw0QmJhJ942swK67Q3O7oPr2xtLGhrT2W2x39O%2BdOQXrhKnwU8oFrMzX%2Fl0rsWvd3q%2FJyiUrPBDNvVFN3l49AcOoujnBPxWTF2V80LrhEFEn%2BVoTYhNyK31v4ag%2BNmKhpcV6dDg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3ad8f6f56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html

45.133.44.4

200 OK

1.3 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP
45.133.44.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC
ValidityThu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT

File type
HTML document, ASCII text, with very long lines (1405), with no line terminators
Size
1.3 kB (1325 bytes)
Hash
5373f3c4843345dde67db670323b2d54
666b2db9872196e52a2bc902111de5e37aa1ae28
e398fbdac28494dec6505fb0143d4cd41cee83989517e12c13ea113fef006fda

HTTP Headers

GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 19:00:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png

188.114.96.1

200 OK

591 B

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Size
591 B (591 bytes)
Hash
9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 870141
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IInfqG9wm5gSlr5ZO%2FTo5eTBL4HT9BTKOIP6C6DkYstd9pcvuaXeirb5tXhwqA2FjnNVHAUDqmKVgH48F15M6NgeGj5c0t%2B0A3MR4g0EV4NC6yVZx%2B4d2FXuSieA2qjfpIXamdUtClWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3ad2edf56a4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 285214
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

en.yts-official.mx/static/yts/images/website/magnet.svg

172.67.202.34

200 OK

982 B

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/magnet.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
982 B (982 bytes)
Hash
b1f2c0a1384b292d61d6ccdb9b4de056
24cb951e1e6da31c99ba0c45638e9d210de60a62
a1339a5f93ce740459f0ef5967f57827ecf0a708e3504146a401d4968650c854

HTTP Headers

GET /static/yts/images/website/magnet.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-3d6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91NsvKlDOwozjAY%2Ffm0p8bf9v2C91Pc7JBi0%2FF6veIHWKEPV3vUVkA2le5%2F4B3oBr%2B0pu7UjO55vxlKfx4VQ33C0EeGRXE6jPH%2BqdNAYGkg%2FZ5gVPmTb0Bt4AL2iK1xXSyqVgmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fcc4b568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/css/loading.css

172.67.202.34

200 OK

2.8 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/css/loading.css
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
ASCII text, with very long lines (3095), with no line terminators
Size
2.8 kB (2835 bytes)
Hash
a4e08ea672b525407c93c52dcedabbad
2d01194a908b02dff41147969f92027d83b082d2
ebde13ee7b0fe214ec069389b397750aaa5e58688b527e24ac69506cfdbb7704

HTTP Headers

GET /static/yts/css/loading.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
vary: Accept-Encoding
etag: W/"65d2c88f-b13"
expires: Fri, 10 May 2024 20:13:41 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 35182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u66ubB0eW79O%2F8B8rS21YlX4xrzA3GhJW233seFUdQqFz2WOPXClRPhlVJRMenjEqPUhdaBiU607VQU2RIjjtxQMbJN3OkkhlkO4mYOUv6nOBPkURkpbw03NgAlopL36DZCNJBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39e59c4568a-OSL
alt-svc: h3=":443"; ma=86400

vidsrc.to/assets/embed/min/all.js?v=663d8cfa

104.21.64.103

200 OK

88 kB

URL GET HTTP/3
vidsrc.to/assets/embed/min/all.js?v=663d8cfa
IP
104.21.64.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerGoogle Trust Services LLC
Subjectvidsrc.to
Fingerprint1D:91:BF:0E:81:D2:1C:22:D3:9C:9C:8D:88:3E:B4:E5:E2:68:DE:FC
ValidityFri, 22 Mar 2024 12:30:27 GMT - Thu, 20 Jun 2024 12:30:26 GMT

File type

Size
88 kB (87604 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/embed/min/all.js?v=663d8cfa HTTP/1.1
Host: vidsrc.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/embed/movie/tt15789038/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 02:57:19 GMT
etag: W/"663d8d0f-15634"
content-encoding: gzip
e-cache: HIT
access-control-allow-origin: *, *
expires: Sun, 09 Jun 2024 02:57:24 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 54159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2k3qEVJHp9N1XyBVQW01qfTD1KV%2B2dvI84f%2BWofodMC4XA4H5WcnsHx%2BWZVR1hMOTb29JtY8trpHldew0ijg9mtzuv5OWfcldcws4rsrdIpCN03rFyoJgExYzbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a048b6b4f7-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/image/logo-imdb.svg

172.67.202.34

200 OK

1.8 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/logo-imdb.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1808 bytes)
Hash
5cd012116b0d0e653f8e53e813f57ce1
ce512c7a43e9361790d42723f6742856ea546225
48cd81eac0d91d7302265418beeba17e24df75334487e7fa83111ec861b9398a

HTTP Headers

GET /static/yts/image/logo-imdb.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 10:45:38 GMT
etag: W/"65d33152-710"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9eaR%2F4pjbQAi1SWVF%2B3QK0Tzd756roROxH2424faDGkdv8I75EqYWV4O0sNB1NJaD1dbfxVsBbblGv8KMQBJ95J6IaipLi3%2Bv9uR4DnS0haUnp5g92hINwTbOO%2Bsyk%2F75wRVOaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e59cd568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/fonts/fonts.css

172.67.202.34

200 OK

1.3 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/fonts/fonts.css
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
ASCII text, with very long lines (1384), with no line terminators
Size
1.3 kB (1316 bytes)
Hash
0ea9baa4ec422b74a6cf6ef7cd998e7b
28edd12415ade93ae8ce77cc26054ec487d73508
a284eec07f7cc18bb397bffc2b34b52f8bacde6198dc1eaeef2924ac61190bb4

HTTP Headers

GET /static/yts/fonts/fonts.css HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/css
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
vary: Accept-Encoding
etag: W/"65d2c88f-524"
expires: Sat, 11 May 2024 05:49:04 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iEPdYaquswb5%2FcCIle3L6w0TYj0aM6EdJGnKjSQ0RkIFQHzWiQz%2FKHkGp%2Byb9RwYvNiAnqpzpPBMQWzpixAVA90GeV3DjLkNmlL55n%2BDGcTbLy7dWHi3NRUZRy%2FeyQzHIUioNi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39e59b5568a-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.yts-official.mx
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 862674
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZJUU%2FXCDRTm9ChcGcPjPwsf%2F%2FuQ3mgmjm%2FJMXA2HMsK2Y2pq5lHrGh7MEQU8kneUDd55806w5gIl0wxb%2FqEf4GAtWK2i4VvrC0%2FR0mIRWmlh%2FEmztwVAvPZpTU%2BA9NipWiN%2Fr2eEUWd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3acae2756c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/image/logo-YTS.svg

172.67.202.34

200 OK

23 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/image/logo-YTS.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
23 kB (23348 bytes)
Hash
fdd85bfbf80d872ea41b942cf21d1db9
6a2d54565cbffa3af342a63931e412ad8837f92d
2234cb288342eab0edfb65ebda4189cf47b40a4b639a25af62c57c03f7ace459

HTTP Headers

GET /static/yts/image/logo-YTS.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Feb 2024 02:51:28 GMT
etag: W/"65d413b0-5b34"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENPUkLJ5txsoaXLqs3%2BBW09UudWkfy3WQdzD%2BUzPhpwUab2ai0CKcBRnGfhwtDXNG0%2FEwYqgFDGolVB0pOKV2fitDq6LpIWjOJWkOLbrCMOuDbkOCzmdW9MrVE1gdyNqHeWE%2Fm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39e59c6568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.131

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidsrc.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:33:12 GMT
expires: Fri, 09 May 2025 01:33:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 145612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

en.yts-official.mx/static/yts/style/modded1.js?yify=1

172.67.202.34

200 OK

163 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/style/modded1.js?yify=1
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65452)
Size
163 kB (162596 bytes)
Hash
60de675fcd2844a3ffbb68550d303076
8a53cc2f554a8ef1f58f3fd1996a3c3552ea5472
1c821bdab262418e3742bfa3c295c3b668724f7e8898b45638958a898bd93d33

HTTP Headers

GET /static/yts/style/modded1.js?yify=1 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/movies/elemental-2023/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 03:18:38 GMT
vary: Accept-Encoding
etag: W/"65d2c88e-27b24"
expires: Fri, 10 May 2024 20:33:51 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 33972
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mivg9dbbzUrMnS7hjfdQ2X8MN4KfB3h9vr1OVuTSq%2BBhbPENNgQEfeLJI%2BX%2F%2BlYRyxH5tgMNkDvRfVQMd%2BCM7ES4ymDXagmsVpjReaNGOBSwp%2Fp79ZaQvoOFs8sQKeU%2FE9U8bcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd39e7a0a568a-OSL
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2

172.67.202.34

200 OK

3.6 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/fonts/icomoon.woff?fmg7s2
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
Web Open Font Format, CFF, length 3560, version 0.0
Size
3.6 kB (3560 bytes)
Hash
4e54891305c71736de2da03f14b57434
fbf29db32b5514cad7a908167ce63c76a91a2f12
332ec1d337a38ad421deff49f3585da56563253756da3870b26b46bd025f96e4

HTTP Headers

GET /static/yts/fonts/icomoon.woff?fmg7s2 HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/fonts/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: font/woff
content-length: 3560
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: "65d2c88f-de8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nqt3O2Vfrm57VSSnwj%2FdNFiD8Fj6SA%2BWZEoI3prR7FxdXswHY%2FedBfZ2QBcx3ps4Ch6oOd2fNOvsZ4vguZoxR39yUsIea2DuiVJK6%2F6aHhgjuwUO5baM%2Fscfqfs2M2fRGFVEbPw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fdc75568a-OSL
alt-svc: h3=":443"; ma=86400

vidsrc.to/assets/embed/min/all.css?v=663d8cfa

104.21.64.103

200 OK

80 kB

URL GET HTTP/3
vidsrc.to/assets/embed/min/all.css?v=663d8cfa
IP
104.21.64.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerGoogle Trust Services LLC
Subjectvidsrc.to
Fingerprint1D:91:BF:0E:81:D2:1C:22:D3:9C:9C:8D:88:3E:B4:E5:E2:68:DE:FC
ValidityFri, 22 Mar 2024 12:30:27 GMT - Thu, 20 Jun 2024 12:30:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
80 kB (80314 bytes)
Hash
f1324118f0fb608e711acd4ad716b776
f47b8e053b4eb43556a1645eee13eee24e185a5f
9bba11d379f87fd61d8fbe66ee318f39a86f0dc796c67e1418043f63732c4487

HTTP Headers

GET /assets/embed/min/all.css?v=663d8cfa HTTP/1.1
Host: vidsrc.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/embed/movie/tt15789038/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: text/css
last-modified: Mon, 31 Jul 2023 07:18:46 GMT
etag: W/"64c76056-139ba"
content-encoding: gzip
e-cache: HIT
access-control-allow-origin: *, *
expires: Sun, 09 Jun 2024 02:57:24 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 54159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jyoe%2F0a08mjtIgyYKIJIGobYd%2BwBG1dGgDR1zrPFO4IPkhZ4hQIrxEZcDVhczxXauu3CTQ72iblC%2FyDP0G3D3vyZ5%2FinmL0%2FUgd6sFCVu%2FqOgo7wwGMfMw%2BDVCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3a038adb4f7-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js

188.114.96.1

200 OK

84 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:05 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 866009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpIsnF88eJlOQ%2Ff4Elyqcu7I%2BLOHTCQqmUk0xHCMGPBz73RITOaNia3bqEZBvMXqDr96zPF6SrKp%2B7EqZAFSzUsFZ%2Fz23DSPISdRHgZA82FMP9tJNkiSkzKcRpKiqETBay65oc58OgzB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd3ad2ef156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/images/website/2160p-quality.svg

172.67.202.34

200 OK

3.7 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/2160p-quality.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3666 bytes)
Hash
3d521f26d131c50dbabc5c505d444bb9
87c316b3478e3318a950421a8c2d7ba22aea8374
d836009ea876ed2f895ee254a0d7645242506b5026ba4f1c93f0d8bd378d06ba

HTTP Headers

GET /static/yts/images/website/2160p-quality.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 08:33:37 GMT
etag: W/"65d31261-e52"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxT2npdSV1pGqVfa8jBDd3p5AuVJ%2BHBwekIJre%2FAvnsEyBE2G%2FofLaofxtsq8Xyb86caGzvNLAHJp%2BIPUdqp1w1LQiD5%2FdlMoa3YmzmJhRJNlyfMpiPm3Ek3ZN%2BiV2KANh%2BqEgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fdc65568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

en.yts-official.mx/static/yts/images/website/play-trailer.svg

172.67.202.34

200 OK

4.7 kB

URL GET HTTP/3
en.yts-official.mx/static/yts/images/website/play-trailer.svg
IP
172.67.202.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://en.yts-official.mx/movies/elemental-2023/
Certificate
IssuerGoogle Trust Services LLC
Subjectyts-official.mx
FingerprintFB:57:3A:12:D9:30:69:4A:59:BD:83:1C:79:E4:4E:DD:52:0F:73:62
ValidityThu, 18 Apr 2024 00:32:31 GMT - Wed, 17 Jul 2024 00:32:30 GMT

File type
SVG Scalable Vector Graphics image
Size
4.7 kB (4650 bytes)
Hash
0242c3a16be471023ee4e484a76cb850
811c46ab5800fc814b427e9469b5b55e7f41a35c
6f014889db48c67c7e651a9377b0415007ef9766fbf2ba90a1180b9e539c176a

HTTP Headers

GET /static/yts/images/website/play-trailer.svg HTTP/1.1
Host: en.yts-official.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://en.yts-official.mx/static/yts/style/minified.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Feb 2024 03:18:39 GMT
etag: W/"65d2c88f-122a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THYKahoetQ50mH4NkDkhDNpz2CNTzp89w5KDE3LJiJnweWd%2BFZMSQh6uoUahZBRyt3jBBlYyk0ePwS3LWHqmx5ukDIflqlIC%2FN%2Fn2jW9K%2BloyZWvH%2FSR4pi%2FmYJJp8oM5eNvVJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd39fdc71568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://vidsrc.to/embed/movie/tt15789038/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1606), with no line terminators
Size
1.6 kB (1570 bytes)
Hash
af52a7e30ecc42e4484ea19a9adf765d
c4db1da944d399dbab91e367ac2a8724c31cd57f
f795d20ee3721e15c2fa2568b74a6d39cd16329e91d7026cd7b4aa79f45fea44

HTTP Headers

GET /css2?family=Poppins:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidsrc.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:00:03 GMT
date: Fri, 10 May 2024 18:00:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL