| | 104.21.234.81 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/2; IP: 104.21.234.81:443
Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body, so they do not identify a file)
GET / HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 00:42:28 GMT
content-length: 0
location: /en163
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz6ymiASVsW57UBLvgiNjB2FumJbO05X4sBo3t2tNEoM%2BST7Bf7b1Pw%2FXq3pYxJTcEYx5Poo2szo0OsdZ0SFUe7ufF4fUX83x7Fj28%2B83z%2BcoP4aYxPBHyraY0SOhh0oAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bbd1f7bb3e71fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/images/tip-download-youtube.jpg | 104.21.234.81 | 200 OK | 18 kB |
URL: GET HTTP/2 www.y2meta.com/Content/default/images/tip-download-youtube.jpg; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=60, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=605], progressive, precision 8, 605x60, components 3; Hash: MD5 d34700edfc2f2e6efea559f09b5722dc; SHA-1 00cc83fe735230cd52cc7247055a0eaab1db5e6a; SHA-256 fe0d84bcb1ec8e0baf494792982e72eb4615d37b59634c88941b19a505f68441
GET /Content/default/images/tip-download-youtube.jpg HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: image/jpeg
content-length: 17570
last-modified: Sat, 06 Apr 2019 18:04:26 GMT
etag: "1d4eca32bd875a2"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 6417
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rzlb1tIvKBdCREjvX%2FOOaXN4BNrt28dk5n7LGMesj22TuFGgD2NxyKDTajgGzyJSF%2B%2FQwVDbLq5yo%2Brft8MprnUo%2FWXxYbiEuhV3OGctstPcPtxppydCdzUbDkpvLrHsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3cdc71fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/images/loading.gif | 104.21.234.81 | 200 OK | 12 kB |
URL: GET HTTP/2 www.y2meta.com/Content/default/images/loading.gif; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: GIF image data, version 89a, 160 x 24; Hash: MD5 046677ff48107680705f654c9250c567; SHA-1 c0cbc0b2c8b84014dcfea943e4582c7bd9e79710; SHA-256 4bf7f8d97e7584aeb2932c7313bb7e6266651a22cad37fe16f4239ed7ea1784c
GET /Content/default/images/loading.gif HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: image/gif
content-length: 11689
last-modified: Tue, 26 Mar 2019 13:59:44 GMT
etag: "1d4e3dc2a25a5a9"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 5250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWiw%2FEBMPJNgLoJ5LXW%2BY%2BzaWTDwV5KE0UbTMg2yIrVyU4KsJw7%2BOpD3fjJMBpcjGGgUb5bwayp0%2BB%2F7rv3BQOdWwqNCtnQW8%2BGmZful08GhZpkP6VMScB5Cs3odIKNCvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3cdb71fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/data/admin/2019/3/logo.png | 104.21.234.81 | 200 OK | 7.2 kB |
URL: GET HTTP/2 www.y2meta.com/data/admin/2019/3/logo.png; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced; Hash: MD5 0cddab075c6ff3429a9dd3509fc226cd; SHA-1 0912c21e0c28453e179189c8eb98b3f10693bf8c; SHA-256 b50babe7ac78cd1372303c0746b209bbaef8aa2dad09441976b7b94b4f1e733f
GET /data/admin/2019/3/logo.png HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: image/png
content-length: 7190
last-modified: Thu, 28 Mar 2019 20:07:54 GMT
etag: "1d4e5a1eda39516"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLPXZF4k8XE1prd1Yuo%2BXZrman9MsqxTTxNBv2L5m0esIh2SNdddMSETLFCj%2B93ZNx%2F1xG6rdSJZd80oGWmjewvCnXeSz8P24gVRJlu3A%2BLhMwkAdlWD1fUGgSN4KdqC2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3cd871fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/fonts/glyphicons-halflings-regular.woff2 | 104.21.234.81 | 200 OK | 18 kB |
URL: GET HTTP/2 www.y2meta.com/Content/default/fonts/glyphicons-halflings-regular.woff2; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18028, version 1.589; Hash: MD5 448c34a56d699c29117adc64c43affeb; SHA-1 ca35b697d99cae4d1b60f2d60fcd37771987eb07; SHA-256 fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /Content/default/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/Content/default/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: font/woff2
content-length: 18028
last-modified: Sun, 11 Feb 2018 17:49:12 GMT
etag: "1d3a3609ff9da6c"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pFprI7yfw%2FuPO4l9zdUAOOAJ%2BZak5rcWQMoeWiHKUXzoNyHkDYEYETUAGxxo9ogOlryLngBG5ovL4vLXic0A5USLe6OFJFU1yLw59XvVbqyOquARc3edp1LCRVnhhD6iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fafd9871fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 104.21.234.81 | 200 OK | 102 kB |
URL: User Request GET HTTP/2; IP: 104.21.234.81:443
Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (14923), with CRLF, LF line terminators; Size: 102 kB (101890 bytes); Hash: MD5 2af289a423b9e233b2286d59200bb581; SHA-1 1c81132f39c675c69715e284977a78635b328d69; SHA-256 08b6021bfa134e4d07181c4f7ab3a01296e588a2d43b22d9484d8c95484d3bd4
GET /en163 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1ZCkQr65%2Fg0Pb4QD29MtJvacbOMCYAx0vBs7y6D1LPojTaciOx%2FuoS%2F7w3jqJrW44CrNLXrIpb%2FpjRNIDOnsjhnCjXXll0ShDqJ%2FV0ZELz6%2BwM7jP9kPFRqa5Wb54ZL8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bbd1f81b6f71fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/apple-touch-icon.png | 104.21.234.81 | 200 OK | 10 kB |
URL: GET HTTP/2 www.y2meta.com/apple-touch-icon.png; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced; Hash: MD5 34fbedf76ef8ff8c0da9df3a1452ad7a; SHA-1 6fc410b177317924609ef049072e05fed3696ae7; SHA-256 9eaa3ad172f8b1df289ad35827f4cf337840a410d1cb4cb7e61d062e7e885ade
GET /apple-touch-icon.png HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:29 GMT
content-type: image/png
content-length: 9958
last-modified: Tue, 23 Mar 2021 07:23:40 GMT
etag: "1d71fb5726cc0e6"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzPypicufvNiNR75bDrAI%2BUxnGtLO5nj9dNuvsrd6aqxOlxkiKrL1zSkGWKMNWiGRX%2FDZ57eH6UP9m7ebKQTAOlgENquAoPqcTzKJwxqIdyTQVy%2B1ITP20m%2FF29ZTqeXiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fc3e6e71fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/favicon-16x16.png | 104.21.234.81 | 200 OK | 1.3 kB |
URL: GET HTTP/2 www.y2meta.com/favicon-16x16.png; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced; Hash: MD5 25e0e1f1c17b2985d455fd4c8fa2c36a; SHA-1 a159ebb6a7c0c1ccb28793b48220b2bc5be5ab0e; SHA-256 74921b10837e85f8738cde3240a9b77b53d9f6547cba2fee36ad4dab09a6e34c
GET /favicon-16x16.png HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:29 GMT
content-type: image/png
content-length: 1261
last-modified: Tue, 23 Mar 2021 07:23:40 GMT
etag: "1d71fb5726ce2ed"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZVtqER7UcuhrEv7mho2mKaSVNX5GKuA0CvZm0BN7YTFsbXKtnZBm7%2BpK8xqeXCqy7F6BHS3%2FAqMQOyQ1NluM3ifCnfC1sTyNjWe19Bcoh5U3zW%2FAtLUUx5qutP4EpIFmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fc3e7071fa-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HP1NN6D2L1&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 90 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-HP1NN6D2L1&l=dataLayer&cx=c; IP: 142.250.74.72:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity: Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Hash: MD5 c030ad14b05768e651ddee88beaa6fe8; SHA-1 b9533adc1643863ec16427f060b028f8b254c361; SHA-256 759346c0064117f40f6affdae7d9fa184953743d29d2d8820bf6247a5cb91d63
GET /gtag/js?id=G-HP1NN6D2L1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 00:42:29 GMT
expires: Fri, 29 Mar 2024 00:42:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| propu.sh/zone?&pub=0&zone_id=3899503&is_mobile=false&domain=www.y2meta.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=03acc926-0e8e-4cc4-af7b-098a865330b5&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 propu.sh/zone?&pub=0&zone_id=3899503&is_mobile=false&domain=www.y2meta.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=03acc926-0e8e-4cc4-af7b-098a865330b5&action=prerequest; IP: 139.45.197.250:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: propu.sh; Fingerprint: 67:D6:66:75:25:20:F4:C3:58:D2:DE:E8:FC:AB:7D:1A:BD:FD:18:CC; Validity: Thu, 25 Jan 2024 21:49:21 GMT - Wed, 24 Apr 2024 21:49:20 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body, so they do not identify a file)
POST /zone?&pub=0&zone_id=3899503&is_mobile=false&domain=www.y2meta.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=03acc926-0e8e-4cc4-af7b-098a865330b5&action=prerequest HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:44 GMT
content-length: 0
x-trace-id: 33f8d266344e69bba0354762d75c8f62
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.y2meta.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| kv.tibertannoy.com/tTgI3NffKSEZf5Hk/40654 | 23.109.170.71 | 200 OK | 25 B |
URL: GET HTTP/1.1 kv.tibertannoy.com/tTgI3NffKSEZf5Hk/40654; IP: 23.109.170.71:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: kv.tibertannoy.com; Fingerprint: 14:28:6F:0B:70:86:B4:3A:B9:8E:1D:D8:0D:E1:35:57:84:4E:F8:33; Validity: Mon, 04 Mar 2024 23:04:36 GMT - Sun, 02 Jun 2024 23:04:35 GMT
File type: ASCII text, with no line terminators; Hash: MD5 f7a2939527fd9e68723da600e96d76bd; SHA-1 a9e717b6364d2895ee0a716050db32ca0ef1bb42; SHA-256 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
GET /tTgI3NffKSEZf5Hk/40654 HTTP/1.1
Host: kv.tibertannoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 00:42:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.y2meta.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 30-Mar-2024 00:42:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sat, 30-Mar-2024 00:42:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 250
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f4bd19384a3bd10f35914bac560aca80
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.y2meta.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| besmeargleor.com/400/3145154 | 139.45.197.236 | 200 OK | 31 kB |
URL: GET HTTP/2 besmeargleor.com/400/3145154; IP: 139.45.197.236:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: besmeargleor.com; Fingerprint: BB:44:2D:16:40:65:F5:1E:F3:BA:9B:A0:74:D8:53:69:7C:B3:4E:C0; Validity: Mon, 05 Feb 2024 19:27:28 GMT - Sun, 05 May 2024 19:27:27 GMT
File type: gzip compressed data, max speed, from Unix; Hash: MD5 832253d7684e702b8efea19f1e1c5878; SHA-1 9eeae3748ce27e784dd3fd9f76758f2bfbc2d29d; SHA-256 5886897f0f622c581853252ca9726a2d16a0a7d6f2994e39bf49f8583d7c2d84
GET /400/3145154 HTTP/1.1
Host: besmeargleor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:44 GMT
content-type: application/javascript
x-trace-id: 47bdaa67b3d3cb96fdcc420f534e2ccc
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03002e72e11647f4ff1185fb16d4c547; expires=Sat, 29 Mar 2025 00:42:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 251
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f9f6a8fede21782d6576045885628ceb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.y2meta.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: MD5 d1cd37029b76d786579b568f2211a45c; SHA-1 8bf963046416435f9dbaefeba5bc1d2d09b817f6; SHA-256 bef51ba55c773342c652463f734055cd3fd8b405fbdae402bf94ae57bf815b14
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.y2meta.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=45cc381f326842098a0f09085ad4ecd9; expires=Sat, 29 Mar 2025 00:42:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
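IP: 139.45.197.250:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: D4:D3:E8:AF:BA:16:67:D6:32:4A:0A:37:C6:DB:70:CD:C6:36:F4:4A; Validity: Wed, 31 Jan 2024 19:04:20 GMT - Tue, 30 Apr 2024 19:04:19 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body, so they do not identify a file)
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed (a DNS-blocklist verdict on the domain name; this record still shows a 200 OK answered from 139.45.197.250)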
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.y2meta.com/
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.y2meta.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: D4:D3:E8:AF:BA:16:67:D6:32:4A:0A:37:C6:DB:70:CD:C6:36:F4:4A; Validity: Wed, 31 Jan 2024 19:04:20 GMT - Tue, 30 Apr 2024 19:04:19 GMT
Hash: MD5 af94abbec6b686db32efe9a3b289aece; SHA-1 db57c7f1712b58b217c029f3a208fc7b8e12dc9a; SHA-256 c81b0bf2a74132cac8ba7ba340c38c43be664689cd493734f3db4c02d6671293
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed (a DNS-blocklist verdict on the domain name; this record still shows a 200 OK answered from 139.45.197.250)
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.y2meta.com/
Content-Type: application/json
Content-Length: 903
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.y2meta.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/css/bootstrap.min.css | 104.21.234.81 | 200 OK | 122 kB |
URL: GET HTTP/2 www.y2meta.com/Content/default/css/bootstrap.min.css; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: ASCII text, with very long lines (64985); Size: 122 kB (122242 bytes); Hash: MD5 7a2e03df404c212ec5c96806d9469a4b; SHA-1 4234532b2555095901936872e601284b22eead6d; SHA-256 7e7da99cf4a346c13d1227ecada72a3d8ff48ba5253be06acc2f4780c2733a6d
GET /Content/default/css/bootstrap.min.css HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2019 13:58:54 GMT
etag: W/"1d4e3dc0c59fe82"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqWYvqPDhPND8Hh8NmcJmA%2FawOz2iisiLdo4GRrym0HT9AH6VWC93LO%2Fikr4zjPe6ov0usGGa8h8e1pDEhDfXYF8HaUSN0fxZQV721PwIvJjY2Dky54%2BShMwedjTAEYSSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa2cd671fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/js/common.min.js?v=25 | 104.21.234.81 | 200 OK | 1.9 kB |
URL: GET HTTP/2 www.y2meta.com/js/common.min.js?v=25; IP: 104.21.234.81:443
Requested by: https://www.y2meta.com/en163; Certificate Issuer: Google Trust Services LLC; Subject: y2meta.com; Fingerprint: ED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09; Validity: Tue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File type: JavaScript source, ASCII text, with very long lines (2012), with no line terminators; Hash: MD5 3f6f4fdb4d333b20f5ca2dac9de3eeb4; SHA-1 085767e2cfedeaaba81ffedae8b39198ae31eb54; SHA-256 fb749987296e35816c09857e1f415df3a6759025967391117383a203ecb666dc
GET /js/common.min.js?v=25 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:29 GMT
content-type: application/javascript
last-modified: Thu, 21 Sep 2023 07:00:35 GMT
etag: W/"1d9ec5951a2ac0f"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OedIV3VFekSZM%2FbRsY16Nlbd4Quwtqfks9%2BgSKbZka4qMj0oHaI5yTjolOzmCRE8Rq2bL%2F8M0ws81Q1QNCJJ4FQSH8CWpbIDrqTkiGsQL7IPy11T0jlRG1xv%2FkV7u9vgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fc4e7671fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/js/suggeser.js?v=3 | 104.21.234.81 | 200 OK | 17 kB |
URL GET HTTP/2www.y2meta.com/js/suggeser.js?v=3 IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File typeJavaScript source, ASCII text, with very long lines (17089), with no line terminators Hashccbda31515e1c9642d87ca4a166dcbf3 94f0f77b129f5784136c22a409fa797310849803 e33806d103384621c4f7d70e83fc4a17062862c6f589eeb2d5ba3ffa478f8617
GET /js/suggeser.js?v=3 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d6fd1ea30740c1"
last-modified: Sun, 07 Feb 2021 06:58:28 GMT
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2Wg3VZ%2BmvDSsXS%2FfBrL6nshzxC0WDomNNxJN2cTSIVILW2wtJfUQDNWfcWOBIN125GM9WYg1qrew50UthbUo7k2P6X%2BqVfJxHxBNnbWpQrkyTG01zceiAaUzbz5xSPDyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fc4e7871fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| propu.sh/pfe/current/micro.tag.min.js?z=3899503&sw=/sw-check-permissions.js&_=1711672949126 | 139.45.197.250 | 200 OK | 36 kB |
URL: GET HTTP/2 propu.sh/pfe/current/micro.tag.min.js?z=3899503&sw=/sw-check-permissions.js&_=1711672949126 IP: 139.45.197.250:443
Requested by: https://www.y2meta.com/en163 Certificate: Issuer: Let's Encrypt, Subject: propu.sh, Fingerprint: 67:D6:66:75:25:20:F4:C3:58:D2:DE:E8:FC:AB:7D:1A:BD:FD:18:CC, Validity: Thu, 25 Jan 2024 21:49:21 GMT - Wed, 24 Apr 2024 21:49:20 GMT
File type: JavaScript source, ASCII text, with very long lines (36335), with no line terminators Hash: edd3473db2c4ca3d9e5ff3ec876fb483 dc4ee801ac9de08445dd5c6262f5023d1515d32e 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c
GET /pfe/current/micro.tag.min.js?z=3899503&sw=/sw-check-permissions.js&_=1711672949126 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:44 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 09:50:24 GMT
etag: W/"65fab160-8def"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/sw-check-permissions.js?zoneId=3899503 | 104.21.234.81 | 200 OK | 435 B |
URL GET HTTP/2www.y2meta.com/sw-check-permissions.js?zoneId=3899503 IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File typeASCII text, with very long lines (454), with no line terminators Hash70cf0baf3a480bb32a5a90c633258f9c e1223356661cf8d2c5eabea6764da1564fe998a2 a5d96a07eb326613d22e4f90e0850c9b8557b775e45861b21e736135a54c2486
GET /sw-check-permissions.js?zoneId=3899503 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Cookie: _ga_HP1NN6D2L1=GS1.1.1711672949.1.0.1711672949.0.0.0; _ga=GA1.1.286582693.1711672949
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:44 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=558
etag: W/"1d9ebf0b5dd572e"
last-modified: Wed, 20 Sep 2023 18:31:46 GMT
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 6430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLKUhAf7BzLeUNzmDvMWHD%2FR8Rk33uUzV1uPlBvSzPa5sWkFSwLHEO0YPtucDvh2npoQg9J%2F5UZEXQEHFcLIbwGdtmm%2BF4zvc2TXN%2B1zg9BLcnelhvxD%2FPIdXoU3OvObJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd25edbd071fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gloaphoo.net/401/4861516?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 | 139.45.197.239 | 200 OK | 2.3 kB |
URL: GET HTTP/2 gloaphoo.net/401/4861516?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 IP: 139.45.197.239:443
Requested by: https://www.y2meta.com/en163 Certificate: Issuer: Let's Encrypt, Subject: gloaphoo.net, Fingerprint: 23:70:B4:EB:0C:B5:F9:2D:E5:91:C3:50:F3:84:88:F2:E5:80:4D:F7, Validity: Fri, 22 Mar 2024 05:09:06 GMT - Thu, 20 Jun 2024 05:09:05 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2468), with no line terminators Hash: e0a365847ab8bf9ddc39acdd6a166ae1 1f043a43d69982aa750eb5803b8c37bab3e86ff3 8d553c34243422afd90e52f8e9c2a3a473da5ae4ac95ccd9c100b42d94246c91
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /401/4861516?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Cookie: OAID=03002e45ccde4289ef58ba4db1a03814
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json
x-trace-id: 39c2257880b036be65499261285de457
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.y2meta.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=45cc381f326842098a0f09085ad4ecd9; expires=Sat, 29 Mar 2025 00:42:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| besmeargleor.com/400/3145154?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 | 139.45.197.236 | 200 OK | 2.4 kB |
URL: GET HTTP/2 besmeargleor.com/400/3145154?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 IP: 139.45.197.236:443
Requested by: https://www.y2meta.com/en163 Certificate: Issuer: Let's Encrypt, Subject: besmeargleor.com, Fingerprint: BB:44:2D:16:40:65:F5:1E:F3:BA:9B:A0:74:D8:53:69:7C:B3:4E:C0, Validity: Mon, 05 Feb 2024 19:27:28 GMT - Sun, 05 May 2024 19:27:27 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2634), with no line terminators Hash: 637b8d65f5190f4ae91de1724d02d009 3587078aa03e12a3735480916ca20ae5273eab47 ecc47a3143fc17003dc935c3f5d7edb6ce8ea9ce4af3ea20dcc424fb38386165
GET /400/3145154?oo=1&oaid=45cc381f326842098a0f09085ad4ecd9&sw_version=v1.332.0 HTTP/1.1
Host: besmeargleor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.y2meta.com
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Cookie: OAID=03002e72e11647f4ff1185fb16d4c547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:45 GMT
content-type: application/json
x-trace-id: 301850b1ec49c5bd4d20383ce58aca92
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://www.y2meta.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=45cc381f326842098a0f09085ad4ecd9; expires=Sat, 29 Mar 2025 00:42:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/js/app.min.js?v=49 | 104.21.234.81 | 200 OK | 129 kB |
URL GET HTTP/2www.y2meta.com/js/app.min.js?v=49 IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
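Size: 129 kB (128750 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of empty input, so they do not identify the 128750-byte response body)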
GET /js/app.min.js?v=49 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:29 GMT
content-type: application/javascript
last-modified: Sun, 31 Jul 2022 02:05:27 GMT
etag: W/"1d8a48200977b6e"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaNdbvtxg2mr2t5AIZKxPbPUvwYw%2B4qT3nO8z3lsy95noAcNQOZ6hPuufSCVFMaQkEAxBI90dFFztsWKC%2BamNHGT5%2BYTooqFSylXuShipGAJbgi%2FV0s%2BREhX4sGYbgnRJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fb9de471fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/css/style.min.css?v=20 | 104.21.234.81 | 200 OK | 25 kB |
URL GET HTTP/2www.y2meta.com/Content/default/css/style.min.css?v=20 IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
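Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of empty input, so they do not identify the response body)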
GET /Content/default/css/style.min.css?v=20 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: text/css
last-modified: Sat, 13 Aug 2022 07:36:39 GMT
etag: W/"1d8aee76c97bd95"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 6417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Horbf4%2FcS9hdUCMxM3xceHWNafAHSE4T3s7y7gPcGSFt%2B5146mbzFu%2BWIoDBZWQHAfkpKUw8GeoN1umKPKx6NbtxT9RtDZF9A6N%2FCNOT%2BwwEbsAOtuZOYC6Y3bm8stqJnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3cd771fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/js/app.min.js?v=49 | 104.21.234.81 | 200 OK | 129 kB |
URL GET HTTP/2www.y2meta.com/js/app.min.js?v=49 IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
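Size: 129 kB (128750 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of empty input, so they do not identify the 128750-byte response body)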
GET /js/app.min.js?v=49 HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: application/javascript
last-modified: Sun, 31 Jul 2022 02:05:27 GMT
etag: W/"1d8a48200977b6e"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNvTTIE5aNPuRYR7hW97BfWDxk7Fe5OPCRcNXd5Q4EASaYNnePZUfMWWkXJm%2FcoXUlf%2FGCGfGlMfRy1TxvZF4W4XyKKYlJ%2B0RcKd2ekTUlw1TXRr1GRsbWEhCBQDpZJV4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1faed8b71fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/Content/default/images/firefox.svg | 104.21.234.81 | 200 OK | 34 kB |
URL GET HTTP/2www.y2meta.com/Content/default/images/firefox.svg IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File typeSVG Scalable Vector Graphics image Hashc214d7548e9dfe83e9093eb04407262e 7078117a4bf243ba663ae44e576032cc79826b4e 10d54aa020a7363073ef8c137808861137dc6e6fffd3d0f8c95f0a6d15e716e2
GET /Content/default/images/firefox.svg HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Nov 2019 15:43:34 GMT
etag: W/"1d5a0826ea894f9"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKcKK%2BmNM5DbvZhRFnYsEFhGmX3ebeD7VxyjhUY5cZrqr302gWC5OZL9eRmi7Uw1qq%2BGwleVbPWT8G8pM5lnWdXzbMhPm%2FFVlNoOCumN4a3iUATMKlrXY9clH1ngcRp2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3ce071fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/pwa/pwa-app.js | 104.21.234.81 | 200 OK | 193 B |
URL GET HTTP/2www.y2meta.com/pwa/pwa-app.js IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File typeASCII text, with no line terminators Hash433b01626694f6f172c7846bc1b85002 09964488680297693c0993a02766793274507d44 4187c19775ace18ab0752577094af6c60693b16136de2cb56f86d9fe2cea75b7
GET /pwa/pwa-app.js HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d8cbd2a9d049c1"
last-modified: Mon, 19 Sep 2022 02:51:06 GMT
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55HxJeAAVcWWJ7CR2Inu%2FZHkGtSlkbV7JVhj0j06qHOBpIECiqQKE%2FKp8BnRrpoqkk61iKfI7dbmKplQqseDk6hcbvnVfr1aK86SxbX60%2BULRKeOeD95BSPhZrI3vMygcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1faed8871fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gloaphoo.net/401/4861516 | 139.45.197.239 | 200 OK | 88 kB |
IP: 139.45.197.239:443
Requested by: https://www.y2meta.com/en163 Certificate: Issuer: Let's Encrypt, Subject: gloaphoo.net, Fingerprint: 23:70:B4:EB:0C:B5:F9:2D:E5:91:C3:50:F3:84:88:F2:E5:80:4D:F7, Validity: Fri, 22 Mar 2024 05:09:06 GMT - Thu, 20 Jun 2024 05:09:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: 0bc06e3bb9a6dbe56c90b580b92c89f4 42e12f3d286f1efef8f8e1702244fce4093fe8b7 3637fc677339e15a430b39de544ffccc5c4d7f8071a1f9fcb6f3c388de6c5c3d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /401/4861516 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 00:42:44 GMT
content-type: application/javascript
x-trace-id: 080edd90b60e8e5f0b9a6bef5cd069dd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03002e45ccde4289ef58ba4db1a03814; expires=Sat, 29 Mar 2025 00:42:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-122831834-3 | 142.250.74.72 | 200 OK | 208 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-122831834-3 IP142.250.74.72:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Size208 kB (208083 bytes) Hash74bc4770e5581ee6d8702b972d445d0c 9c927330c7fec0f8aed18e263e8a0c1abf7b24ef 77a197768bcf11115a50e8c82cd61753a9a8e42d82d2b6c12c8ec2ff2566a171
GET /gtag/js?id=UA-122831834-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 00:42:29 GMT
expires: Fri, 29 Mar 2024 00:42:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.y2meta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.21.234.81 | 200 OK | 12 kB |
URL GET HTTP/2www.y2meta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP104.21.234.81:443
Requested byhttps://www.y2meta.com/en163 CertificateIssuerGoogle Trust Services LLC Subjecty2meta.com FingerprintED:32:F0:51:94:E2:07:0B:8C:CE:71:56:95:80:5B:90:75:4D:FF:09 ValidityTue, 30 Jan 2024 21:34:35 GMT - Mon, 29 Apr 2024 21:34:34 GMT
File typeJavaScript source, ASCII text, with very long lines (12331) Hash88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.y2meta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.y2meta.com/en163
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:42:28 GMT
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: W/"65fd6d96-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vilYb68xfbvitTgv6lWw2vXAsn8KvOWX9Ar6TkCceEbQXGN17OneTvIbXVydJ1l274KgyKoBqiAex7Vd%2BUW16WM9gWoZ3dzaqu0%2B%2FO4mwuGj9cKzGzVSzdhsA86l1ca0Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bbd1fa3ce471fa-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 31 Mar 2024 00:42:28 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|