| younetu.org/ad/top/popunder.js |  188.114.97.1 | 200 OK | 21 B |
URL GET HTTP/3younetu.org/ad/top/popunder.js IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeASCII text, with no line terminators Hash533a813ddb8f84d7e018bf8e6296c44d 8c95af23d5dc502f1bc3395a6d2e339e696c0d3e a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/top/popunder.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 349181
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tmYQLsSAdIl6HY23wgg94AKC4%2B0CyFNfTvScktXzgexaYpctFAtMbAsq4ui0AYzMCnq%2BVJxi0SYYMiFQTEymaYhOMKtaKnr0ELRy9UhA6cIv9ecCdbvepQuves9KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8dde0f3356c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cy.alrightcorozo.com/rrdFsZsC0jn/64681 | 23.109.170.34 | 200 OK | 20 B |
URL GET HTTP/1.1cy.alrightcorozo.com/rrdFsZsC0jn/64681 IP23.109.170.34:443
Requested byhttps://younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0 CertificateIssuerLet's Encrypt Subjectcy.alrightcorozo.com FingerprintFD:B2:AA:87:97:D6:8F:2A:54:96:DE:5D:60:CB:BE:19:D4:16:A2:B8 ValidityFri, 22 Mar 2024 07:45:14 GMT - Thu, 20 Jun 2024 07:45:13 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /rrdFsZsC0jn/64681 HTTP/1.1
Host: cy.alrightcorozo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:29:04 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://younetu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 18:29:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 18:29:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js |  104.17.249.203 | 200 OK | 11 kB |
URL GET HTTP/2unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js IP104.17.249.203:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeJavaScript source, ASCII text, with very long lines (29325) Hash013916ab61482481d8de9742a0f95bee 546bb742502faa36f8c2bb954c2f028187660404 73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01HWR0PQM08SRQ1T3DGM73EQSZ-arn
cf-cache-status: HIT
age: 349342
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87ea8dde1a710b31-OSL
X-Firefox-Spdy: h2
|
|
| younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=97868290 | 188.114.97.1 | 200 OK | 2 B |
URL GET HTTP/3younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=97868290 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=97868290 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:05 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wxRBUlN8vwv%2BHnvLXCNWfW9GparlEdlvakqbBIDHUsV1W5DVs5Je9qI2JjeAuGw4tCHR0riTsAiS0JtcIDLrBC3hUYk0pU17O8iawjBiTO4yIETP43vf3Y2%2BRZHiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de23e1256c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=3885015 | 188.114.97.1 | 200 OK | 2 B |
URL GET HTTP/3younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=3885015 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=3885015 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:05 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1M%2FWip072N05uMIgmyDIBh1gBVBfdfx7z5c2InSaO4R4oPB4kCeXUfjla8w3dOeieWFkAWIe5123OmFyhJAW6a2mS6%2BMltfCGE5fIju3doG1OLgWoTu7pxd0Av9%2BhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de23e2156c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.97.1 | 200 OK | 8.5 kB |
URL GET HTTP/3younetu.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typegzip compressed data, from Unix Hasha69bb58edd258aa9c1d6a156f1a5337d 1e27201722fe4a5abbaaf986e52454284150e8d8 9be240750b830f241386815092c4575297ea70f4364d2b6fc80aaf35b6aad068
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64T0mfZccPPa1uVnwMG9h6CJ83kJByYdvcUzY7HKqx1X5ZQ4iZPiJrCDaHqmXcjznSsBCV2bV6YqxuEPhSWmopnNw7Ym2%2Fl8MpiNCIyGWUiLyka4CxR7vJigcivltw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8dddeee956c5-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 06 May 2024 18:29:04 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| i0.wp.com/cdn-s3.cfglobalcdn.com/flv/api/files/thumbs_new/2023/06/16/1686862976vxwhm/1686862976vxwhm-640x480-1.jpg |  192.0.77.2 | 200 OK | 9.5 kB |
URL GET HTTP/2i0.wp.com/cdn-s3.cfglobalcdn.com/flv/api/files/thumbs_new/2023/06/16/1686862976vxwhm/1686862976vxwhm-640x480-1.jpg IP192.0.77.2:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2 ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1436x720, Scaling: [none]x[none], YUV color, decoders should clamp Hash18e9ac5cced9ab2e1e84e73226fbd264 12e1c3f3ca0b1ef27c67def991f66605a36e212d abbf24b2995fcf91bc58109b268702242e4901e32972d1439b1c746d6648b556
GET /cdn-s3.cfglobalcdn.com/flv/api/files/thumbs_new/2023/06/16/1686862976vxwhm/1686862976vxwhm-640x480-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:29:05 GMT
content-type: image/webp
content-length: 9540
last-modified: Thu, 25 Apr 2024 22:04:48 GMT
expires: Sun, 26 Apr 2026 10:04:48 GMT
cache-control: public, max-age=63115200
link: <http://cdn-s3.cfglobalcdn.com/flv/api/files/thumbs_new/2023/06/16/1686862976vxwhm/1686862976vxwhm-640x480-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "46b01a4173780bbb"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no | 188.114.97.1 | 200 OK | 39 kB |
URL GET HTTP/2younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no IP188.114.97.1:443
Requested byhttps://younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0 CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (4544) Hash0ea83c8276e7fc88346225fdc5ff053a 0e8f90d014d4c4445a9193bc4235024d57d24635 06612367b21a5d896ba98619595a21a2c169379c33f1c30a30bde5f04ef1a3fd
GET /player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//younetu.org>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtTDC9icScI%2Bg9Vaf2GY%2FW7aAFfevEvYWUAVLA1Zxi%2BpKNrzW%2BFlgsHfHSFhx2TTRJl4m%2BMojEj4PrPBjkMX3a09aqybv1WQ8yK62ExHuAdTDd1ta1Y0Jd8ccyP4Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8ddc6eadb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| younetu.org/styles/global/embed_player.3.css?130 | 188.114.97.1 | 200 OK | 1.9 kB |
URL GET HTTP/3younetu.org/styles/global/embed_player.3.css?130 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hash13d1a2ba273782dd25dd8abc54f4c4d9 e2b2e0440b78aed45b523459343710f9e18ab9a8 e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 353336
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8vHCrs9Q24PJ32ViQKX2eKd2rXbiCUiHXSKysK%2FqF6WYuJz%2BdLEP4A%2FNXBmHnv9rLzJP%2FG3A5ri8m1AqbgcWxglCknm9gMFXGL9DV8GWXYEeM0HZadsr85qK%2FfbHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dddeeea56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.popmansion.com/sub/ED05GzY | 172.67.169.85 | 200 OK | 647 B |
URL GET HTTP/2xml.popmansion.com/sub/ED05GzY IP172.67.169.85:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectpopmansion.com Fingerprint0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D ValidityTue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
File typeHTML document, ASCII text Hash84339c1f9ae9e75dcd3c003bb7b4f16a 112d802802882ac2e3ced1cf61dc0331a175bc7c e92c85ca0c0ac78a1428bfaf1420a7eb42ae95004ea9566a7061380934e20faa
GET /sub/ED05GzY HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UREOCPXnSYnOVa5kp9kDpaFjg18QIGyAYuBarnaLb%2BHcin0xW%2BFIVVTjBnj5sq5OQQr5WXED94GB2UKLUH8Fj%2Bs2QfVJ8PhXdzLPujlvCR9O7bJSEyP0G60mbG%2B2UViz75F4v7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dee4a6e56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| correlationcocktailinevitably.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js | 192.243.61.227 | 200 OK | 14 kB |
URL GET HTTP/1.1correlationcocktailinevitably.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectcorrelationcocktailinevitably.com Fingerprint9D:29:AF:9B:5E:11:7C:28:2A:99:00:DC:D0:79:70:64:71:03:BE:B0 ValidityThu, 11 Apr 2024 08:16:39 GMT - Wed, 10 Jul 2024 08:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (39633), with no line terminators Hashf1ffc9ca1c62d3026241b8aa1a82fef0 9b7af151a9f48ac241f7d51f93d18d99af906448 4aa098a791f71192cceeef52ebd90aafda45f7816a97870f82eed7e5c866501e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: correlationcocktailinevitably.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68619b272893a894108119a2782707f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 18:29:07 GMT
Last-Modified: Sat, 04 May 2024 17:01:05 GMT
Server: ECAcc (ska/F790)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ytdDWws_zu9IaqIepIvqGQpcHZO0AaQHs4IFtE2n7vvIfvJ5vrcA4A==
Age: 5282
|
|
| proftrafficcounter.com/stats |  18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash270278e30a7c934355f40a0441ca985e 75560b0456c681bfc76e09899691acf569fc5a6e 11ad9132be2908fc3803e23f9cdd76e404b17e1e08e60f0755109a88d736654a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://younetu.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7:2:1; expires=Tue, 02 May 2034 18:29:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| xml.popmansion.com/load | 172.67.169.85 | 302 Found | 359 B |
IP172.67.169.85:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectpopmansion.com Fingerprint0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D ValidityTue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
File typeHTML document, ASCII text Hashf219f4e1a432fbb2980f91563407cc2b 434419565b9b9e48baedb78c889dfda7b18b722d 05d912b6cb9b24ddb89ab6144f1f93a139be169d649ec68fc55bfb2d0ca93359
POST /load HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 92
Origin: https://xml.popmansion.com
DNT: 1
Connection: keep-alive
Referer: https://xml.popmansion.com/sub/ED05GzY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDpdtNZZDFd%2FiBWjD1SOyRTz2wRYREXs7jHRl6fZDIfMBGZzo42QV%2B6EZ6lWBfFEJ50A2q6YE%2Bodd7qx5porY9%2FOpCYfZHFIR%2B61AXCj0bQ8%2FSiNwpkOzuMxCtE83UgZWoybzZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8df03f0f5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| donateentrailskindly.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js | 172.240.127.234 | 200 OK | 30 kB |
URL GET HTTP/1.1donateentrailskindly.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js IP172.240.127.234:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdonateentrailskindly.com Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashf01fbc8248cf53cfe2bc7a0faeacd544 9c49528e2e0d1492653f65710aa6f325b8f0fcec d64aa9ebba34fe7622e502c0d7575080328b0698a4a4a96b13d96335e1852704
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c577053338dc67cea8016bc4e63d1f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| donateentrailskindly.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7%3A2%3A1 | 172.240.127.234 | 200 OK | 6.6 kB |
URL GET HTTP/1.1donateentrailskindly.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7%3A2%3A1 IP172.240.127.234:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdonateentrailskindly.com Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
Hashaad2fd47a9289a25b7b5efd039a2a90d 3f4702432460c65eb2427068b1d850774cc325ca 95a98ec4470ee8f5d4ebb7cfbeb2d67d41f42469ca54ad1d11d7a77eaeaf8c49
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7%3A2%3A1 HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://younetu.org
Access-Control-Allow-Origin: https://younetu.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334947; expires=Sun, 05 May 2024 18:29:08 GMT; secure; SameSite=None
uid_id2=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7:2:1; expires=Sat, 11 May 2024 18:29:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 18:29:08 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 18:29:08 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 18:29:08 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 18:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 318df381997c191e7558fb04881e5322
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| xml.popmansion.com/sub/KpEzn38 | 172.67.169.85 | 200 OK | 28 kB |
URL GET HTTP/2xml.popmansion.com/sub/KpEzn38 IP172.67.169.85:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectpopmansion.com Fingerprint0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D ValidityTue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
File typeHTML document, ASCII text Hash2f63ed37fe0cf0f359e79577dd7051b7 200bd51191e4449d8038a04c61dd3729a3346e51 f49912040a906e54d161407b05bd8997cfa7b6e0b1d3a860b0a005fe60a34479
GET /sub/KpEzn38 HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fr3TCXKjlgBe0F1ICz3yPSw0KrieVz%2Fh9qj7KqcUaPxDLKyLGi8FJ5pAHj7r1p2S9SS4kZkySZW0f3FRoKaHiAScqfkzuZ%2BbuhIH4c0Ws%2FbPJu7ogOLCwU3vVoObxB7Ldbco5Yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dee5a7f56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| younetu.org/js/video.jquery_plugs/modernizr.js?12 | 188.114.97.1 | 200 OK | 1.1 kB |
URL GET HTTP/3younetu.org/js/video.jquery_plugs/modernizr.js?12 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1227), with no line terminators Hash981ce49e4c69148552b01cbbe30f0858 9cb566fa0e6cfda06fe4721214acc445d443ef07 458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 345034
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mvpqCgeHghG1p%2BeHr41yS1IEBly5NOEZsyz2Uc7ni934PYJ%2Fgeg96YKfBVZ%2FhLGEIRgaGfbsOQmhkodCHgh3wmdaLag9cbDpceRuYlQg5M7EBGGYh1j%2FKJtgviNyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dddeef256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lernodydenknow.info/redirect?tid=1039225 | 108.157.229.103 | 302 Found | 0 B |
URL GET HTTP/2lernodydenknow.info/redirect?tid=1039225 IP108.157.229.103:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerAmazon Subjectlernodydenknow.info Fingerprint0B:53:BB:D6:51:E9:8D:1C:38:77:BA:75:C6:18:21:E5:31:71:DC:5B ValidityWed, 24 Jan 2024 00:00:00 GMT - Fri, 21 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=1039225 HTTP/1.1
Host: lernodydenknow.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://xmlclick.adcannyxml.com/nrtb/click?bid=V1CmnFmpW1P-Cd-G0G9RmOsCtgAM9EY7gh-PLi07ft2ACYIZjWLHVFpZ7roeo1rd_0_9
date: Sat, 04 May 2024 18:29:08 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=eb8b2058-bd3c-458d-88ea-8bcccd7ebfb1
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 cc81c6e9e0635b111f930d60fbded11e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: DdBwQXBSCmfjrGnPK9qkMJhJnOGsSdtwKTHwAH3aNJacUsomEXbcbA==
X-Firefox-Spdy: h2
|
|
| marazma.com/load | 104.21.0.191 | 302 Found | 359 B |
IP104.21.0.191:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectmarazma.com Fingerprint59:97:1F:84:2D:08:1A:6C:B3:9C:22:D5:77:31:8B:C8:5F:A0:0B:43 ValidityMon, 25 Mar 2024 00:10:01 GMT - Sun, 23 Jun 2024 00:10:00 GMT
File typeHTML document, ASCII text Hash03b8712e5691ef83bf8f3d4dbbc14742 47b5792c6c4a46babee2cd91651da3f7a067eb0b 389f9f92b519813c86bd74d77e63756199534667d74597bf4eba134b2601244f
POST /load HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 92
Origin: https://marazma.com
DNT: 1
Connection: keep-alive
Referer: https://marazma.com/sub/zxwk7krOl5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIGCzPzU%2FyCKmsYt5ytoG93xyWIlM%2FsXb3KnKmHHfbXK7vc4ilX9zmR2XJq6QIXtlSBATp5dZaPhY%2FM1%2BkOYysfZROb1RpvReGT7TAGTYQCPckgiLkWnzTirYEf%2FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8deff9f2712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| failpendingoppose.com/pixel/purst?dl=0&th=0&sc=0&rs=4139&rd=4139&fd=601&bv=24.5.6485&tmpl=136 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1failpendingoppose.com/pixel/purst?dl=0&th=0&sc=0&rs=4139&rd=4139&fd=601&bv=24.5.6485&tmpl=136 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectfailpendingoppose.com FingerprintEA:8D:0F:1C:ED:4F:51:92:B0:7F:A5:55:40:65:12:08:79:3C:74:C1 ValidityMon, 29 Apr 2024 08:07:14 GMT - Sun, 28 Jul 2024 08:07:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=4139&rd=4139&fd=601&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: failpendingoppose.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css | 188.114.96.1 | 200 OK | 5.5 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 341677
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4HPOY%2FaK4Mr3u%2FhBFW%2FkN5XvYeak7PFoVL8DCjBRbohYMvXl3OX9ahLclehXcC%2BxEJR8KHEal%2B88frOZ0a77dA%2FPzboJjgMDu79VTEjeEdBh1hZ7GbJP2sHNZ9NBhesBEqW1ewx0oF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df84aab56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js | 188.114.96.1 | 200 OK | 31 kB |
URL GET HTTP/3cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (32025) Hash4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 349352
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxLH7Ei9IQYNt%2FBVb4zCn5P%2BXsh26Ky%2BTR3PtF%2B34TnJnxW8aqtfHXAx7cc3goVaKDrIAnncES%2B0QYa2744%2BI7zXtRcO%2Fb4Cq4AT39f3c8ffpbEaIdINcRQCBmd8dT9MtJdtNDqUvofh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df90ebeb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1capaciousdrewreligion.com/advertisers.js IP172.240.127.234:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectcapaciousdrewreligion.com Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5dd993d7045e98def6cd187164f2b85c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html | 45.133.44.4 | 200 OK | 943 B |
URL GET HTTP/2cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html IP45.133.44.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typegzip compressed data, from Unix Hash307f0c82ce0ca5bd7e937d47f0f3c42a bc28d1e021b4c79ba26bd3dfe7b506a3c49b520b a353e0f3cc82a680e801e3dec5005efb4b1d06aa38e31b1b8c9145c4b330b3c1
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 19:29:08 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png | 45.133.44.9 | 200 OK | 16 kB |
URL GET HTTP/2cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash14cf262fabfd850855c42847d14fe775 2fafa28f167f018a0fb1f261f47380c8810803c9 972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af
GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Mon, 06 May 2024 18:29:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xmlclick.adcannyxml.com/nrtb/click?bid=V1CmnFmpW1P-Cd-G0G9RmOsCtgAM9EY7gh-PLi07ft2ACYIZjWLHVFpZ7roeo1rd_0_9 | 23.226.122.79 | 302 Found | 55 B |
URL GET HTTP/2xmlclick.adcannyxml.com/nrtb/click?bid=V1CmnFmpW1P-Cd-G0G9RmOsCtgAM9EY7gh-PLi07ft2ACYIZjWLHVFpZ7roeo1rd_0_9 IP23.226.122.79:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerUnizeto Technologies S.A. Subject*.adcannyxml.com Fingerprint94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24 ValidityMon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT
File typeHTML document, ASCII text Hash397f81a4f18e04a060c75e5b71f7cee1 557f585b9711a7f867cff5a443ed2bce8eefcf8b bb44fc266d7d490de9db213118e1a22f9edf87f963b26ba9a02e923a9b5a4b1f
GET /nrtb/click?bid=V1CmnFmpW1P-Cd-G0G9RmOsCtgAM9EY7gh-PLi07ft2ACYIZjWLHVFpZ7roeo1rd_0_9 HTTP/1.1
Host: xmlclick.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:29:08 GMT
content-type: text/html; charset=utf-8
content-length: 55
location: https://t.bawixi.xyz/1/?zid=9776
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=652770&auth=kWcHhV&pubid=202912 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=652770&auth=kWcHhV&pubid=202912 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=652770&auth=kWcHhV&pubid=202912 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://becast.onionlive.workers.dev/
|
|
| donateentrailskindly.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYtcRRSt1xlQcCFKdir0QkFJpue9%2Fm6zCMY4EhxnQqLoRqS%2BXk851a9eql7165mFDAlIlo3g%2Fs3p%2BUANoj8gQXoCEQaEtC4c0Nn4DxQC7qTbxta7qHtvnVNw6tz72Z4%2FI1V4enr1XbOjtKYrjUpYfvXDKLpUXlOJH5QH7ebHzfqlsu2%2F3mlWwtfKb0u%2BZVaqYRSGURiVV5WVsRmsTEGo9F4nqnTCSr1aiRp1DOz%2Fe%2BcDOBpA9M%2FI81BisvQwOA%2FFx0h6316Vbisz6cW3el7TzFj0xdH7yVZi8gS9RRnbAHFyNGfDuMerD2CSg5lcmP6%2FRKYmJHj0ACw5mosE6%2B%2FPdDINmYCJZ5D3x5B6DEXH4OYOlHhMAC6wvoGkd7hubE63%2F0HpFJ2QpSd%2FQuUTsvTbeSS9b65oNSjfNNpnyiQOg7iAGoyhumOk%2FhjZTgkqPwbPbkOJH8nKkzUkvf0Npw2UOH05jsOI1uvhsuBVsVyPOmyZdkRzmbVajRZtxrTNWjODlBpDxWNoOQR1JXgXwKsAPg7g0wA9cVrmURS1QsFp2O5wXhMtyZoijGgrjmgUNtvwfPqHIbJ0CK6H4HYXqd3FlhrC%2Bu%2FhNgs4EcBlBH1RIJcEuSPIKUGuCPKMIO8XB0K7qisOhXaeRfNcnedaMTJZd48emKwrEwJqh7Ci2EvPyHNTA4Onb4%2BwJU%2FLlIVMVmm9zlqSx52ICSYaXNSaoWjXO7UWnCqgXAnUBdhRE%2FLi%2FQtI1YQ89dGvYPQYTh%2BDq1dA%2FUugeQG6WWAnOdy8dauSGQhTIM2WkG0He%2FqMvDAb3vrPP0Dyk8u%2F12YBbguktsAn6iFBV98d3TA52b9hcke%2B20gz1VM7dDrYmxnN5Lmv3pHbubHi2lU3%2FPINPgWm5b33pMvWaCJU0nXk6ytKCGlXjeWS3L%2FmPpDsunebV7xNfLp2%2Fc3Va73USueUScag0x39w4KrCXn2i4uznb3w1y9QdgzrC%2FT8CZkHlBmDp7tw6UK%2FMwRWLzgsDZD7YmSrbHGpFYGWi56yAu4%2FPVvUI0unr6kq9txddG0JNLuDpFegbwv0dQGqh3D%2B3ChL7cnln%2BYymC6NmLalfaat%2Fnxm8%2FR4BKdOy7VQtJiMZYvJeqMeSy5Yo8FCHnNWE%2B02R%2BYmcfPT7G8AAAD%2F%2FwEAAP%2F%2FAxoNSI0EAAA%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1donateentrailskindly.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYtcRRSt1xlQcCFKdir0QkFJpue9%2Fm6zCMY4EhxnQqLoRqS%2BXk851a9eql7165mFDAlIlo3g%2Fs3p%2BUANoj8gQXoCEQaEtC4c0Nn4DxQC7qTbxta7qHtvnVNw6tz72Z4%2FI1V4enr1XbOjtKYrjUpYfvXDKLpUXlOJH5QH7ebHzfqlsu2%2F3mlWwtfKb0u%2BZVaqYRSGURiVV5WVsRmsTEGo9F4nqnTCSr1aiRp1DOz%2Fe%2BcDOBpA9M%2FI81BisvQwOA%2FFx0h6316Vbisz6cW3el7TzFj0xdH7yVZi8gS9RRnbAHFyNGfDuMerD2CSg5lcmP6%2FRKYmJHj0ACw5mosE6%2B%2FPdDINmYCJZ5D3x5B6DEXH4OYOlHhMAC6wvoGkd7hubE63%2F0HpFJ2QpSd%2FQuUTsvTbeSS9b65oNSjfNNpnyiQOg7iAGoyhumOk%2FhjZTgkqPwbPbkOJH8nKkzUkvf0Npw2UOH05jsOI1uvhsuBVsVyPOmyZdkRzmbVajRZtxrTNWjODlBpDxWNoOQR1JXgXwKsAPg7g0wA9cVrmURS1QsFp2O5wXhMtyZoijGgrjmgUNtvwfPqHIbJ0CK6H4HYXqd3FlhrC%2Bu%2FhNgs4EcBlBH1RIJcEuSPIKUGuCPKMIO8XB0K7qisOhXaeRfNcnedaMTJZd48emKwrEwJqh7Ci2EvPyHNTA4Onb4%2BwJU%2FLlIVMVmm9zlqSx52ICSYaXNSaoWjXO7UWnCqgXAnUBdhRE%2FLi%2FQtI1YQ89dGvYPQYTh%2BDq1dA%2FUugeQG6WWAnOdy8dauSGQhTIM2WkG0He%2FqMvDAb3vrPP0Dyk8u%2F12YBbguktsAn6iFBV98d3TA52b9hcke%2B20gz1VM7dDrYmxnN5Lmv3pHbubHi2lU3%2FPINPgWm5b33pMvWaCJU0nXk6ytKCGlXjeWS3L%2FmPpDsunebV7xNfLp2%2Fc3Va73USueUScag0x39w4KrCXn2i4uznb3w1y9QdgzrC%2FT8CZkHlBmDp7tw6UK%2FMwRWLzgsDZD7YmSrbHGpFYGWi56yAu4%2FPVvUI0unr6kq9txddG0JNLuDpFegbwv0dQGqh3D%2B3ChL7cnln%2BYymC6NmLalfaat%2Fnxm8%2FR4BKdOy7VQtJiMZYvJeqMeSy5Yo8FCHnNWE%2B02R%2BYmcfPT7G8AAAD%2F%2FwEAAP%2F%2FAxoNSI0EAAA%3D IP172.240.127.234:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdonateentrailskindly.com Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYtcRRSt1xlQcCFKdir0QkFJpue9%2Fm6zCMY4EhxnQqLoRqS%2BXk851a9eql7165mFDAlIlo3g%2Fs3p%2BUANoj8gQXoCEQaEtC4c0Nn4DxQC7qTbxta7qHtvnVNw6tz72Z4%2FI1V4enr1XbOjtKYrjUpYfvXDKLpUXlOJH5QH7ebHzfqlsu2%2F3mlWwtfKb0u%2BZVaqYRSGURiVV5WVsRmsTEGo9F4nqnTCSr1aiRp1DOz%2Fe%2BcDOBpA9M%2FI81BisvQwOA%2FFx0h6316Vbisz6cW3el7TzFj0xdH7yVZi8gS9RRnbAHFyNGfDuMerD2CSg5lcmP6%2FRKYmJHj0ACw5mosE6%2B%2FPdDINmYCJZ5D3x5B6DEXH4OYOlHhMAC6wvoGkd7hubE63%2F0HpFJ2QpSd%2FQuUTsvTbeSS9b65oNSjfNNpnyiQOg7iAGoyhumOk%2FhjZTgkqPwbPbkOJH8nKkzUkvf0Npw2UOH05jsOI1uvhsuBVsVyPOmyZdkRzmbVajRZtxrTNWjODlBpDxWNoOQR1JXgXwKsAPg7g0wA9cVrmURS1QsFp2O5wXhMtyZoijGgrjmgUNtvwfPqHIbJ0CK6H4HYXqd3FlhrC%2Bu%2FhNgs4EcBlBH1RIJcEuSPIKUGuCPKMIO8XB0K7qisOhXaeRfNcnedaMTJZd48emKwrEwJqh7Ci2EvPyHNTA4Onb4%2BwJU%2FLlIVMVmm9zlqSx52ICSYaXNSaoWjXO7UWnCqgXAnUBdhRE%2FLi%2FQtI1YQ89dGvYPQYTh%2BDq1dA%2FUugeQG6WWAnOdy8dauSGQhTIM2WkG0He%2FqMvDAb3vrPP0Dyk8u%2F12YBbguktsAn6iFBV98d3TA52b9hcke%2B20gz1VM7dDrYmxnN5Lmv3pHbubHi2lU3%2FPINPgWm5b33pMvWaCJU0nXk6ytKCGlXjeWS3L%2FmPpDsunebV7xNfLp2%2Fc3Va73USueUScag0x39w4KrCXn2i4uznb3w1y9QdgzrC%2FT8CZkHlBmDp7tw6UK%2FMwRWLzgsDZD7YmSrbHGpFYGWi56yAu4%2FPVvUI0unr6kq9txddG0JNLuDpFegbwv0dQGqh3D%2B3ChL7cnln%2BYymC6NmLalfaat%2Fnxm8%2FR4BKdOy7VQtJiMZYvJeqMeSy5Yo8FCHnNWE%2B02R%2BYmcfPT7G8AAAD%2F%2FwEAAP%2F%2FAxoNSI0EAAA%3D HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ec00865af78cb14e2c504aedcb3c1a4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| donateentrailskindly.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1donateentrailskindly.com/pixel/sbs?c=1 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdonateentrailskindly.com Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 32432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 232449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| offmantiner.com/sftouch?userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf&branchId=0&rb=aq0IVCfYYP8gR8onPvztMC3j635TV_Rcp38XQyj2t-dAwZaGCatHoAgZQyphvgSRlTsMKvTgjYshooLAViEw6Tm3qjZ1DwWD-BVAVLXchH7rDXtQFM2yXdcZOdu2LfjpCLdLsR0jOKY6Q1jtkXy2wtdDig3QOzsyZd2ZBF1XK20lJPtjuyzajl3e-DFY-aTSdOc1EjESHWYxhuvcsyOy3GDzgI-ME8chO36Eo1qQH3LHV5OKLx-6aFxArSMl21MewKsJvZIbg0iQDGPnsGkSrLy7-tpXaOnE3DzPUg== |  139.45.197.245 | | 2 B |
URL offmantiner.com/sftouch?userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf&branchId=0&rb=aq0IVCfYYP8gR8onPvztMC3j635TV_Rcp38XQyj2t-dAwZaGCatHoAgZQyphvgSRlTsMKvTgjYshooLAViEw6Tm3qjZ1DwWD-BVAVLXchH7rDXtQFM2yXdcZOdu2LfjpCLdLsR0jOKY6Q1jtkXy2wtdDig3QOzsyZd2ZBF1XK20lJPtjuyzajl3e-DFY-aTSdOc1EjESHWYxhuvcsyOy3GDzgI-ME8chO36Eo1qQH3LHV5OKLx-6aFxArSMl21MewKsJvZIbg0iQDGPnsGkSrLy7-tpXaOnE3DzPUg== IP139.45.197.245:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf&branchId=0&rb=aq0IVCfYYP8gR8onPvztMC3j635TV_Rcp38XQyj2t-dAwZaGCatHoAgZQyphvgSRlTsMKvTgjYshooLAViEw6Tm3qjZ1DwWD-BVAVLXchH7rDXtQFM2yXdcZOdu2LfjpCLdLsR0jOKY6Q1jtkXy2wtdDig3QOzsyZd2ZBF1XK20lJPtjuyzajl3e-DFY-aTSdOc1EjESHWYxhuvcsyOy3GDzgI-ME8chO36Eo1qQH3LHV5OKLx-6aFxArSMl21MewKsJvZIbg0iQDGPnsGkSrLy7-tpXaOnE3DzPUg== HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/4/6120639/
Cookie: OAID=00805272b0d24f5ced093714f58e4461; oaidts=1714847349
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/plain
content-length: 2
x-trace-id: fdf64f73b029e48ef522979053bcf73e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=00805272b0d24f5ced093714f58e4461&z=6120639&p_rid=4c071e0a-d838-46d7-953c-5a2b1e120bcb&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:29:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805272b0d24f5ced093714f58e4461; expires=Sun, 04 May 2025 18:29:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| t.yunaga.xyz/1/?spot_id=5011 | 104.21.56.136 | 302 Found | 151 B |
URL GET HTTP/2t.yunaga.xyz/1/?spot_id=5011 IP104.21.56.136:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash6598f13d4320f886a9a08cafc75c8705 e78039e1618e545c5cba433785923ddb38b7e241 f83e21d04e6b649ebe7c213bbbfed798362fd21831b4cac38afd70de61c8d9fb
GET /1/?spot_id=5011 HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Cookie: _trd_=9a98f167add2e8; _uqt3157949621=1; _uqp3178561817=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sat, 04 May 2024 18:29:10 GMT
content-type: text/html
location: https://yahoo.com
set-cookie: _trd_=9a98f167add2e8; Expires=Sun, 04-May-25 18:29:07 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=2; Expires=Sun, 05-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=2; Expires=Sun, 05-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibiXK8DibriJORvIFL3aebvfbYnFvXLrZ9Hg2%2F01lqFtkrqPOQ1N6sHUrv1E8QXzGBOMTxR1TwkkfQrS6GX43hxZ7pa5c3YkcuwOFJhXc5pl6HxPXUi%2BYc0r2sPLdO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8e0169e01c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP | 13.107.213.53 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Sat, 04 May 2024 18:29:10 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2244da1bc8-7afb-4dc1-8975-8d6b8d4a3462%7c0%22%7d%5d; domain=.unibet.com; expires=Sun, 04-May-3023 18:29:10 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240504T182910Z-er15bb998b7frflbq63x12c8y00000000290000000005vrz
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 |  85.184.96.28 | 302 Found | 138 B |
URL GET HTTP/2www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 18:29:10 GMT
content-type: text/html
content-length: 138
location: https://www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: U
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| yahoo.com/ | 98.137.11.164 | 301 Moved Permanently | 8 B |
IP98.137.11.164:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectyahoo.com Fingerprint2C:3D:69:2F:18:D8:60:42:F4:5D:66:B5:11:C1:80:98:ED:45:9E:85 ValidityTue, 20 Feb 2024 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashf17ca2c829680ada2fec9fc87bc5f606 fb5ed1e8458cc7da71478ddab87136681cb0179e 093452239d0e2e43b06b9d5cd8ac735c26449e340e001f87904765bb30e2293e
GET / HTTP/1.1
Host: yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 18:29:10 GMT
strict-transport-security: max-age=31536000
server: ATS
cache-control: no-store, no-cache
content-type: text/html
content-language: en
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
location: https://www.yahoo.com/
content-length: 8
X-Firefox-Spdy: h2
|
|
| www.yahoo.com/ | 87.248.119.252 | 307 Temporary Redirect | 0 B |
IP87.248.119.252:443 ASN#203220 Yahoo-UK Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subject*.fantasysports.yahoo.com FingerprintFB:A0:5A:E1:EC:89:4D:F2:05:92:12:26:0C:97:C8:C6:CF:19:2F:96 ValidityTue, 30 Apr 2024 00:00:00 GMT - Wed, 19 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.bawixi.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Sat, 04 May 2024 18:29:10 GMT
strict-transport-security: max-age=31536000
server: ATS
cache-control: no-store
content-type: text/html; charset=utf-8
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
location: https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=cmgHkAk&done=https%3A%2F%2Fwww.yahoo.com%2F
set-cookie: GUCS=AXJoB5AJ; Max-Age=1800; Domain=.yahoo.com; Path=/; Secure
content-length: 0
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 23 kB |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd0aee2b54b5d6208867733fc0e93758d fce0809ffad2b3a859860ad1d29b827e2fd56118 147c6e7b2131df0b9e9dd3e17487aa6dc1c90b327715c20d4439dcfac0cd553e
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:10 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=787091738c5d147a7b8fb5da33372e4d|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:10 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=a0d313d6499c5e0f323c5aaa90c3f409; expires=Sat, 04-May-24 21:29:10 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=dcd2ac585cd74ff7d0087504107aa255|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:10 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=DBEB359D374425293C7CE058B4159D8A; Path=/; Secure; HttpOnly
x-request-id: 2edc4ac48e2a35a1d63fc5dc9ee685de
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:10 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| guce.yahoo.com/consent?brandType=nonEu&gcrumb=cmgHkAk&done=https%3A%2F%2Fwww.yahoo.com%2F |  52.18.2.148 | 302 Found | 0 B |
URL GET HTTP/1.1guce.yahoo.com/consent?brandType=nonEu&gcrumb=cmgHkAk&done=https%3A%2F%2Fwww.yahoo.com%2F IP52.18.2.148:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectguce.oath.com Fingerprint2F:DD:80:46:59:94:25:7E:16:92:8A:41:57:EF:0A:73:49:20:DA:A2 ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /consent?brandType=nonEu&gcrumb=cmgHkAk&done=https%3A%2F%2Fwww.yahoo.com%2F HTTP/1.1
Host: guce.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5
Content-Length: 0
Date: Sat, 04 May 2024 18:29:11 GMT
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash6ef59747a19681ceec9b9b143e6dffa1 193423ecdedcdab144e9293dfbecb4b38b1090c2 24ae0d11d6b9c36352a97bd63ba02746b6b9cc59cbf74fede100694ca260d0e1
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-1oCZ+Gap+T17zboiY5VzEBaqJnEdBug7' https://s.yimg.com; style-src 'self' 'nonce-1oCZ+Gap+T17zboiY5VzEBaqJnEdBug7' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash52672791f61b5d627ccd026ba8a98296 243811fa46f63b3d13df2c1a25cae332ba01756b a9aed09e7f01a8ab07574ad03397c2a5258ee13f9ef7de80136382851627cdcb
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-Gfcqb9dOCE4USWa53WUl4FutT+4gqh1Y' https://s.yimg.com; style-src 'self' 'nonce-Gfcqb9dOCE4USWa53WUl4FutT+4gqh1Y' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 733
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 733
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash04026d315154f6ca4fd2c694b529b135 e8fe6d93467f29efd290247c28ca4732e0405db1 2d3064c08df40b8afde18f28e3c3559fa29eee60faefadadd77827392f9eff84
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-3uZrFlb1wOUBOFqxUJNorDzpl8/rj9Pt' https://s.yimg.com; style-src 'self' 'nonce-3uZrFlb1wOUBOFqxUJNorDzpl8/rj9Pt' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashcbf2709cbd4ac7e56605f1fcd99faf1c e541b0f5a908334c3677a9645e4e74e935e48b4f 8d071d94b5825989ef92d7d43513ba76ecfbe3c5e051bf8d10a6f0d5529a4c82
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-AXPAUszCqy4hChh2BdgRLbLNNk7+tIxP' https://s.yimg.com; style-src 'self' 'nonce-AXPAUszCqy4hChh2BdgRLbLNNk7+tIxP' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashdd452cec2cd6f765fe9992bf313c187a 0405105d713aa4b3d1574465e1a315eff5d9fb12 76d91e666987773c710fd625bef876e3ffe979473e3c721b0e29c700dbcb12c4
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-86lnNZ6r/jJ6q40SliH78yJzFAkV7n9C' https://s.yimg.com; style-src 'self' 'nonce-86lnNZ6r/jJ6q40SliH78yJzFAkV7n9C' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css | 188.114.96.1 | 200 OK | 961 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash039a6734d79ed9aa51cf81c52479c5fe 9cf29c4ea1a3880681d50c7228374f8073b7778b a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 339318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X86hiz5sLNxCurikled8Hu2KbxNMbKo7PDGGlMjA%2FvhNBQQDLvcnReL5Mu8WYul4WbW1oeqNmJxx7YtsCusNBgsLzknnVTfMATlvVkxNXqxXO%2FSU29rhyNCZa3GOj9NQffFtiwJ7T7u2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df83a9d56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 2
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 2
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashd914a0ebaa117a257b4be7b9c27e288f 876b0954eea38a0eb4d29a5fb7739af1b91b9785 e608fe79786f0cefc2b415c8254d632d2cc2d75c65acaefd25c4938e5e455dcf
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-8Z1Zg+Ir4WqKhdgOa2utpx20TXNqw8+a' https://s.yimg.com; style-src 'self' 'nonce-8Z1Zg+Ir4WqKhdgOa2utpx20TXNqw8+a' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashee0de478182c7f7f2e235d5ae3de6e87 7aa1b4ea606030316f65a8b32c735b919766876f 20ec7536be78dbb9d655bd90d6c275fc53f00adf04d6effcbe57e51027934fcf
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-aD4oZE+BxldPoF+SyNi5nKX3r1j0HS4V' https://s.yimg.com; style-src 'self' 'nonce-aD4oZE+BxldPoF+SyNi5nKX3r1j0HS4V' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 50 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd7c024541563b6e7b555440d8ba0b418 66f8fd40b833de089a34e6bcba2185f3a2ab91b0 ce79e401be8be8a6949b14609c7e31884dfae519bcd74942d674597cde6ba41c
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=46428b204d5bde341365c567d0ff9058|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=bd81e1ef9383d0eb91dde483ef6c184b; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=570a994a3a5350c9799043851a088521|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=BDF166C74C33129BC3FC0007005605D2; Path=/; Secure; HttpOnly
x-request-id: 6b87f41c30168d7d3151517867ec0117
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 28 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hash585ba6977f2468ff95592ef54d9d7e3c 0f4ffd7f45362855b893f00c8698716326ceab97 1d6f9f80b6b00753440ec753013872243c54e44720bc5981696725ca058e6190
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:11 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=2cec5b8a82b6747f079659604ee9299d|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=6fbb0f856da97952ffc8f76d6bdbe615; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6ff76a1cf5197a9f602c3da51f804d40|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=5FE796D952A381478DDA2D42B9B5414A; Path=/; Secure; HttpOnly
x-request-id: 0187ed347721d4cd6c09eb93be049b49
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:11 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashcf8d2c4e5866aae8fda7a2a77b8b72c4 b71e4b89cc8780c1c2f49e818fd6ec436ae7547d 2af48da57fccf2b8de82d47054e8c9e85c6314ac4f2671730987920a31dc37b6
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-ELUfs5eQyaUh4BOJPVOmZm8+T40sl550' https://s.yimg.com; style-src 'self' 'nonce-ELUfs5eQyaUh4BOJPVOmZm8+T40sl550' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 23 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31157), with CRLF, LF line terminators Hash0544182627fd90bee054204829939865 d3815363373e1f906e590528dd9c207cb8d05091 f2799620d4f3b758f2fdf8e9f0040a3bd8421ec5567e0c70c9c908e1a534a7f7
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=b4cd3feb6e35d6808bcd48548d8eb3fa|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=c6e7d021578a6d515ea8710af4755743; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6d615910b9dda067ca63d315fb193e57|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=4E94753F78C3EC143B11C6843F557FE6; Path=/; Secure; HttpOnly
x-request-id: 5e2ab82ab021429cb25d438425b4d4bc
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:12 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashda786c50c186154828d86df8f0b4bf61 1850cd7519146d6bf4ced53f6e2a1b565425f09f 3996bbece64b4958d8c2e11c57ee41f9c08296cf3af6aab8234ae257272ef10b
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-M6di40OsJlYarVbr0FcrXJeUzD+ajIIC' https://s.yimg.com; style-src 'self' 'nonce-M6di40OsJlYarVbr0FcrXJeUzD+ajIIC' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 23 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31157), with CRLF, LF line terminators Hash0497df72483484168393de41de6a48bd 51835ecf94829ad3de5058af21a569b0267310c4 ecc803dfc358a694492684c36b174889595a92f3a8093088405bcf317ab4a00a
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=6a17255fe297cb45925dc828a413fad2|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=5124735c5f5e6c33956827e95582a1b1; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=bdcc9d51aa6fc351c02f15435c741272|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=29173001F058E2CB04E51761239E5002; Path=/; Secure; HttpOnly
x-request-id: 80235cb27b7dda4643bee503f9d5ff8f
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 23 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31157), with CRLF, LF line terminators Hashb78ef34a7b430a4a72927e00fc484fb7 8530a6ea7d200e57a3b30879708d37488076ccb1 2cfc10c0ceeaa6dc3e220eb2010442e47c38169a9da6ae393cce061bcdd69171
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=b1c8009a652c0df1dfe3814add01448f; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=443eb3c92762d13bed33267a8342764f|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=BB9AF4F909E2483530DDD69EF93FD60D; Path=/; Secure; HttpOnly
x-request-id: f1c9be04b61af4d301759e4c8cabd1c1
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash5737b57902dd6f9bdedce18fae658c6a 20e86fdb82c2861727b35584be55db57a17a2344 83f5c10306f1c5c1dc0631533c05bda5ae9c9d90745bd895779ce36b964808e3
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-s6krQfDGJWKoMi7vvz8EDpDHgCVJ1luD' https://s.yimg.com; style-src 'self' 'nonce-s6krQfDGJWKoMi7vvz8EDpDHgCVJ1luD' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash2cb9561603164372e191ba9ab55f2ce4 a4152273c76c778e4d9d51f68786dbb2327f17a7 fffcc164eb3d637fb192b2f844d90f6fed20ac93fea410d2677e74297fe007cf
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-WX9/197G4k9YEmo4Pg9i0WxzRAEYeD7+' https://s.yimg.com; style-src 'self' 'nonce-WX9/197G4k9YEmo4Pg9i0WxzRAEYeD7+' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash8178de965ea06bd6bdc08d05cfd08653 692cfb67a74e746c08ece46bc96f25e22edc87ab 7d30b8e596d82a90dc21e8fb07a6268cd91b01b3520df94c3b9805391896c08d
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-EelXn/sF0vb0D88MXgv3nSKRcbNxekLE' https://s.yimg.com; style-src 'self' 'nonce-EelXn/sF0vb0D88MXgv3nSKRcbNxekLE' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash6f63fe25b9a737873203954365d901bd bd3282e15457e7141b61186652d94ac8dacfcf83 fbe1b6e87d2caf829edcb3cece3fbdf5077f96cd0545b691bcc713757a9352b3
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-w/irLwWLSu7OMqLO0A/KOU/Edd4WYq/V' https://s.yimg.com; style-src 'self' 'nonce-w/irLwWLSu7OMqLO0A/KOU/Edd4WYq/V' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash33544665ea2f2979f0b62392994e2237 184e77847c2873aa1391df7a78e6529aea10862f 1608f20d40e47343accbed966ad7829c9cb48332580fa4c3e397b5e79bcc78b1
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-xO8lpDuaxP13IRTVgPdI7P+cXma2LQYg' https://s.yimg.com; style-src 'self' 'nonce-xO8lpDuaxP13IRTVgPdI7P+cXma2LQYg' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash1428dee550aee090d9ae2600b1cb4d7b 2d79be39d989be3f0018a9366ff5c0e7ffdf5a49 96433d312d8174e02844353bbe211c3e30dba9fb8322add6c5aad11dfcf1946b
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-6sGK/O1WW8DAFkQSYBsaRiqlqvhYM8ay' https://s.yimg.com; style-src 'self' 'nonce-6sGK/O1WW8DAFkQSYBsaRiqlqvhYM8ay' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash485bcd809ffc0ac9d23b901db0bbbe47 6bfbd326efb3b0f059d26a4460493f10b33cf666 45977e965fb36f69854a50ca2108e0021beb9ef69ef74d409a1e0b21c58ac0b3
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-2S4MMey8Zn54TfECDLdYvxs2V6BINGj5' https://s.yimg.com; style-src 'self' 'nonce-2S4MMey8Zn54TfECDLdYvxs2V6BINGj5' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:13 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashe12c6e0f6712fde58d808b2ffe233679 3ce12d943ffc9e57d6b86cbac1af8ae49eb35eef cc6404bab345655252260b32df85a5e413e4f64835d7e3ddde6bacd9e8d9537b
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-JjSKiZERFZ1U+IxW/qOxindGx1zmPWzu' https://s.yimg.com; style-src 'self' 'nonce-JjSKiZERFZ1U+IxW/qOxindGx1zmPWzu' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 2
server: ATS
age: 1
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 1
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash493df3c2cf2afa728e9f2cda2f6474aa 7515af7cb3ccb16d170cdd2bd1144f62828e58f8 d76ea86ef27face87c3c71fdda720640ef9929524e05ebd4f24bc44312b1418c
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-GyH0FgZ+m+JtAWl0FKdsA2gLlV7WFzBe' https://s.yimg.com; style-src 'self' 'nonce-GyH0FgZ+m+JtAWl0FKdsA2gLlV7WFzBe' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash76700793248be6619bca9835b081c240 18a0fa72b23e8f1e7a052eac07b262e9f433b162 7bef465c928c4a8f32373a6e802d94725e38a830910be2bc90bec4a9925886fc
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-6Ho+YHA3Tl0ldUy6I/pkg9IP9ek9S0m7' https://s.yimg.com; style-src 'self' 'nonce-6Ho+YHA3Tl0ldUy6I/pkg9IP9ek9S0m7' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashd4208fe9b64bb09ff72553f1c03e87a7 b7a72003cd2fb9b78109b5e30f1ba9b00188f46a 6f8d61f2f6b36e32fed57d3a5be33113f8d7f62bc91c32f32e55f0a8c39e542f
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-IT2259rzK1d+FKwflFWalyjdZj5jMcUu' https://s.yimg.com; style-src 'self' 'nonce-IT2259rzK1d+FKwflFWalyjdZj5jMcUu' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash971ce6a53e184b6fc1fafbc026594d74 99efad8e86c6d1b888f747632ee9d5c075c86713 6ff863ceddd6299be834e06ff035a24b4fc36c4e9224e6b26cfa2575e498d9b2
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-5t9cstNLWpLWi2SeKWiG3x8unFbqNmH0' https://s.yimg.com; style-src 'self' 'nonce-5t9cstNLWpLWi2SeKWiG3x8unFbqNmH0' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash8b26b4f25efb05413ccdcfe80b58c81f 9e6798c198c860a205d6eb99dbd6360309d7eeac 2d1d217b29bf22e87c4e04151cfd91345b41e4fc14aaa1d8d5f06271f104c9a0
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-mejoTYaQbCBeeUTNFsMxTFDyP//wKqb2' https://s.yimg.com; style-src 'self' 'nonce-mejoTYaQbCBeeUTNFsMxTFDyP//wKqb2' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashc7cf25120c8bcf8c16f19a13ca690661 f97f7be8f754a5b94f169ed0865c43572781b526 5cf9242a5e04711a4f6c29c6cf4311b1144e577b0c31288a6cc0a8d0b6f52d40
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-YIlykorMqk1EEWrOI5oe1Tof3DDp1153' https://s.yimg.com; style-src 'self' 'nonce-YIlykorMqk1EEWrOI5oe1Tof3DDp1153' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hasha63f68a41280f5c3c8a352e97448b935 9cd7fad1a785585081c1517bacce2bec6fc7a5bf 57ae80fb85971ecee2c2b29dfd8900b958da64ca00fca09c4aa102ea1c77eccd
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-aWnInEBHCTKNfEDGONhEMx7HxSsWamfF' https://s.yimg.com; style-src 'self' 'nonce-aWnInEBHCTKNfEDGONhEMx7HxSsWamfF' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:14 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 223 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Size223 kB (223100 bytes) Hash1d022c929b5fc6a670f0f72460104d87 3403b1b099f0fc3e87698dbe3681734093bfbe96 68ff2c83ab6f1c07b99585229fbf2f194c8159cc9ea008d3f33e35a3b12d9126
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:13 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=6fbb0f856da97952ffc8f76d6bdbe615; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=243dade5d71acc4017fb7cd68998e5fd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=6530DAF2BCD3D76595B98C397A7AA073; Path=/; Secure; HttpOnly
x-request-id: f29450dd63c0ad0aa24d5dac4b2cffc8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 2
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashac43ec0f8d2484c3acb5794a3760c75e 6a7dfd1a877c2e2134299cd871b6bdebe878b0a1 cfd1f89ff18085c666d4eff976ed24843568ef829efd3287208b443e94f90835
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-Ib1sSJv58n3vAXxAy2SzZzbP24+F1nC+' https://s.yimg.com; style-src 'self' 'nonce-Ib1sSJv58n3vAXxAy2SzZzbP24+F1nC+' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 50 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31157), with CRLF, LF line terminators Hashb478bf66f08897e60922e6c2dcb17cda da8533cdb270e33f72fc3d7c84b86c8c0119c39b f370fb1974978a3d0a20e572fd2d6cc6e918e40c1080913cd06c65af902ea834
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:11 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=495b95a27ea3638b2d188fe1326465c5|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=08a389b2b0097c0325579b85e54d4f7a; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=d09e52a6fdd8b3036252dc19bf918bcd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=9FEC710DCE42C4489701C03F03F5CA14; Path=/; Secure; HttpOnly
x-request-id: 47572c60b79426cbfda29e01df22fa6c
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:11 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash5cb56aef6ef042d887b7d2fd3013cc1c 478ff62c45c9beca54f8e93a4132a2d5d295343c fa15fad8cc696ee8c0282855861c05ecb510ecfff8b8b64c4a24bcaebc19590c
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-W2YIAmF182nbJ8uFIrWXR4vE3Z0jZygC' https://s.yimg.com; style-src 'self' 'nonce-W2YIAmF182nbJ8uFIrWXR4vE3Z0jZygC' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hashb119e242f9f89d6748f1428bb2e1d0c1 c511053d2d78d2f861ab46c58c26dfd141ff0bc3 e7761b51fc24a9996bd32ac2990fe401c3700047a7c4a46420882ee75041c990
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-1dHhdEMHvAZCUAp6F7WoPfdb78R9RK43' https://s.yimg.com; style-src 'self' 'nonce-1dHhdEMHvAZCUAp6F7WoPfdb78R9RK43' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash85db8bbb48c989036d3a590c18e43f81 f2e3be52fc5de1e62410940c1fe6fe7944050cf8 40550b75b0af8ab808afa8db2506dcb0ffd2528198433007dc59f7180769758b
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-4WdKSAaZBS2FlHxPDI09xttogAlr+DnU' https://s.yimg.com; style-src 'self' 'nonce-4WdKSAaZBS2FlHxPDI09xttogAlr+DnU' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 | 3.250.252.251 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 IP3.250.252.251:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hash741ea187378e66f847166ba95b4b0771 6a03416fb345905812be9e6e74f2ee04f1a5aa5b a484d19c490f98db87a9137d56705742668a22793a252d32449c173d55c38cf2
GET /v2/collectConsent?sessionId=3_cc-session_aac88c11-bb23-49b7-89d1-76dca5c397e5 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-lSdEipDouyt8ArGIpoqA3yrimcsIis1G' https://s.yimg.com; style-src 'self' 'nonce-lSdEipDouyt8ArGIpoqA3yrimcsIis1G' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Sat, 04 May 2024 18:29:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 712
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Sat, 04 May 2024 18:29:15 GMT
x-envoy-upstream-service-time: 1
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | | 28 kB |
URL www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:0 ASN#47171 Unibet Services Limited
CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hash3910afc92f9dc7fa1a10dd008ce4be34 67a18b42fb8ef5a40f4b9fc37c4561f51fc96dd5 9b8f9481ea4b6b022abef01f47e0bc7a30868779c9b75e6f95728d6ce77b17db
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:15 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:15 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=632f302a6ad9b51b97011963a6ab7b6d; expires=Sat, 04-May-24 21:29:15 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=dcd2ac585cd74ff7d0087504107aa255|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:15 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=1AFAD0920ABD71371D8C508F5BE55882; Path=/; Secure; HttpOnly
x-request-id: ddbabc4de0ce41b34b40caadba8c3863
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/cdn-cgi/trace | 188.114.97.1 | 200 OK | 256 B |
URL GET HTTP/3younetu.org/cdn-cgi/trace IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeASCII text, with no line terminators Hashb602c20d0350fd6a1c02465ad19887be a44cf45ae1cc3ce32c3016f168a9e98f89896d7d 4e470446966d0d604809eb4cd1d4fae245fd3751761785391046db55836717b6
GET /cdn-cgi/trace HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ea8de09b4c56c5-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
|
|
| unpkg.com/jquery@2.2.4/dist/jquery.min.js | 104.17.249.203 | 200 OK | 86 kB |
URL GET HTTP/2unpkg.com/jquery@2.2.4/dist/jquery.min.js IP104.17.249.203:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: "14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HWR0PQW4S28HPX7SXS45MBKH-arn
cf-cache-status: HIT
age: 349342
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87ea8dde1a850b31-OSL
X-Firefox-Spdy: h2
|
|
| xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092 | 174.137.133.17 | 302 Found | 1.1 kB |
URL GET HTTP/1.1xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerSectigo Limited Subject*.xmlwiz.com FingerprintB7:42:FA:31:6C:A5:92:E5:B3:3F:EA:6A:F5:D0:20:0A:27:15:6B:4B ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=598894&auth=FqgVMV&pubid=196092 HTTP/1.1
Host: xml.xmlwiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:29:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://lernodydenknow.info/redirect?tid=1039225
|
|
| younetu.org/js/websocket_ip.min.js | 188.114.97.1 | 200 OK | 4.6 kB |
URL GET HTTP/3younetu.org/js/websocket_ip.min.js IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4798), with no line terminators Hash7c354bd309d3152f26fd4c61b1f7eb2b 2dc50304cfaecb57148a5001827f8e0b19acb9ca f88d924353140c3c8cbfd2ce7f128539408029907fadeaa0f5cb81c4fde1e1e8
GET /js/websocket_ip.min.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 345034
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAL%2BYQFAQ%2BGqS1bvKtGj2gi%2BPfydYP7dqunpkL7WjZFQEvJMQtXy%2B0vVnJuxNgY9GKQNFSRXCp6LF9oAIal30h0ZIqlZTcFfHrU55G7vn8BIOC%2BnjAWtq1f%2FCI07fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8ddddee056c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| donateentrailskindly.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuniwoeBAlNxXmoKAkO9s9M9s9Yw7BuK4srrshUfQiUtVVPVtuTVenqmt6dg%2ByJCA5DoL33m%2F2B2oQ%2FQMSZDYQYUHI6MEF3Yv%2FgULAm8w4OPoO9d6r7yv46nvvs313Tupw9GzlXb0rlaJLyzW%2F%2BuqHQXClui5T16%2F2W%2BHHYfNK1fReb4c1%2F7Xq2yLe1kt1P%2FD9wA%2Bqq9KIRPeXJiBkdq8d1Np%2BrVmvBctN9M3%2Fe%2Bs8WOqB987J85B8vPDQuwgZj5B2v10RdjvX2eW3uk7RXBv0%2BPH76XaqixTdeZkYD0l6PGND28erD6DTw6lc6N6%2FRCbHxHv0ACw9nokE6x1MdTIFkYLxZ1D0RhBqBElHiPUdSP6YADHHxibS7tGGNgXd%2BQelE3RMFp78CVmMycJvF5F2v7mmZL96UyuXS51a9JMSsj%2BC7IyQuRPkuxXI4gRxfhuS%2F0iWnqwj7R5sWqUh%2BdnLSeIHtNn0F3lc54vNoM0WaZuHiyyKliMaJrTFoqlBUo4gkxGUGIDaCpz14KQHl3hwmYcuP6vGQRBEPo%2Bp32rHcYNHgoXcD2iUBDTwwxZcPPnDAHk2QKwGiM0eMrOHbTmAcd%2FDbpWw3IPNCXq8RCEICktQUIJCEhQ5QdErD7mydVsecWUdC2a5PsuNcqjzzj491HlHpATUDGB4uZ%2Bdk%2BcmBnpP3x5iW5xVKfOZqNNmk0UiTtoB44wvx7wR%2BrzVbDciWFlC2gqo9bArx%2BTF%2B5eQyTF56qNfwegJrDpBLF8BdS%2BBFiXoVond9Gjr1q1arsF1iSxfQL7j7atz8sJ0eBs%2F%2FwARn179vTENxKZEZkp8Ih8SdNTd4Q1dkIMburDku80sl125SyeDvZnTXFz46h2xU2jD11bs4Ms34gkwKe%2B9J2y%2BTlMu044lX1%2BTnAuzqk0syP01%2B4Fg153duuZM6rL162%2BurnUzI6yVOh2BTnb0D4NYjsmzX1ye7uylv36BNCMYV6LrTsksIPUIcbYHm831W01g1JzDMg%2BFK4emzuaXShIoMe8pK2H%2F07N5PTR08prKct%2FeRcdUQPM7SLsleqZET5WgagDrLgzzzJxe%2FWkmg6nKkClTOWDKqM%2BnNk%2BOR7DyrBo1Gj4N28tBFFERsWa9lYQBp7TeDOthSBvI7TgJP83%2FBgAA%2F%2F8BAAD%2F%2F4PO2KCNBAAA | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1donateentrailskindly.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuniwoeBAlNxXmoKAkO9s9M9s9Yw7BuK4srrshUfQiUtVVPVtuTVenqmt6dg%2ByJCA5DoL33m%2F2B2oQ%2FQMSZDYQYUHI6MEF3Yv%2FgULAm8w4OPoO9d6r7yv46nvvs313Tupw9GzlXb0rlaJLyzW%2F%2BuqHQXClui5T16%2F2W%2BHHYfNK1fReb4c1%2F7Xq2yLe1kt1P%2FD9wA%2Bqq9KIRPeXJiBkdq8d1Np%2BrVmvBctN9M3%2Fe%2Bs8WOqB987J85B8vPDQuwgZj5B2v10RdjvX2eW3uk7RXBv0%2BPH76XaqixTdeZkYD0l6PGND28erD6DTw6lc6N6%2FRCbHxHv0ACw9nokE6x1MdTIFkYLxZ1D0RhBqBElHiPUdSP6YADHHxibS7tGGNgXd%2BQelE3RMFp78CVmMycJvF5F2v7mmZL96UyuXS51a9JMSsj%2BC7IyQuRPkuxXI4gRxfhuS%2F0iWnqwj7R5sWqUh%2BdnLSeIHtNn0F3lc54vNoM0WaZuHiyyKliMaJrTFoqlBUo4gkxGUGIDaCpz14KQHl3hwmYcuP6vGQRBEPo%2Bp32rHcYNHgoXcD2iUBDTwwxZcPPnDAHk2QKwGiM0eMrOHbTmAcd%2FDbpWw3IPNCXq8RCEICktQUIJCEhQ5QdErD7mydVsecWUdC2a5PsuNcqjzzj491HlHpATUDGB4uZ%2Bdk%2BcmBnpP3x5iW5xVKfOZqNNmk0UiTtoB44wvx7wR%2BrzVbDciWFlC2gqo9bArx%2BTF%2B5eQyTF56qNfwegJrDpBLF8BdS%2BBFiXoVond9Gjr1q1arsF1iSxfQL7j7atz8sJ0eBs%2F%2FwARn179vTENxKZEZkp8Ih8SdNTd4Q1dkIMburDku80sl125SyeDvZnTXFz46h2xU2jD11bs4Ms34gkwKe%2B9J2y%2BTlMu044lX1%2BTnAuzqk0syP01%2B4Fg153duuZM6rL162%2BurnUzI6yVOh2BTnb0D4NYjsmzX1ye7uylv36BNCMYV6LrTsksIPUIcbYHm831W01g1JzDMg%2BFK4emzuaXShIoMe8pK2H%2F07N5PTR08prKct%2FeRcdUQPM7SLsleqZET5WgagDrLgzzzJxe%2FWkmg6nKkClTOWDKqM%2BnNk%2BOR7DyrBo1Gj4N28tBFFERsWa9lYQBp7TeDOthSBvI7TgJP83%2FBgAA%2F%2F8BAAD%2F%2F4PO2KCNBAAA IP172.240.127.234:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdonateentrailskindly.com Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuniwoeBAlNxXmoKAkO9s9M9s9Yw7BuK4srrshUfQiUtVVPVtuTVenqmt6dg%2ByJCA5DoL33m%2F2B2oQ%2FQMSZDYQYUHI6MEF3Yv%2FgULAm8w4OPoO9d6r7yv46nvvs313Tupw9GzlXb0rlaJLyzW%2F%2BuqHQXClui5T16%2F2W%2BHHYfNK1fReb4c1%2F7Xq2yLe1kt1P%2FD9wA%2Bqq9KIRPeXJiBkdq8d1Np%2BrVmvBctN9M3%2Fe%2Bs8WOqB987J85B8vPDQuwgZj5B2v10RdjvX2eW3uk7RXBv0%2BPH76XaqixTdeZkYD0l6PGND28erD6DTw6lc6N6%2FRCbHxHv0ACw9nokE6x1MdTIFkYLxZ1D0RhBqBElHiPUdSP6YADHHxibS7tGGNgXd%2BQelE3RMFp78CVmMycJvF5F2v7mmZL96UyuXS51a9JMSsj%2BC7IyQuRPkuxXI4gRxfhuS%2F0iWnqwj7R5sWqUh%2BdnLSeIHtNn0F3lc54vNoM0WaZuHiyyKliMaJrTFoqlBUo4gkxGUGIDaCpz14KQHl3hwmYcuP6vGQRBEPo%2Bp32rHcYNHgoXcD2iUBDTwwxZcPPnDAHk2QKwGiM0eMrOHbTmAcd%2FDbpWw3IPNCXq8RCEICktQUIJCEhQ5QdErD7mydVsecWUdC2a5PsuNcqjzzj491HlHpATUDGB4uZ%2Bdk%2BcmBnpP3x5iW5xVKfOZqNNmk0UiTtoB44wvx7wR%2BrzVbDciWFlC2gqo9bArx%2BTF%2B5eQyTF56qNfwegJrDpBLF8BdS%2BBFiXoVond9Gjr1q1arsF1iSxfQL7j7atz8sJ0eBs%2F%2FwARn179vTENxKZEZkp8Ih8SdNTd4Q1dkIMburDku80sl125SyeDvZnTXFz46h2xU2jD11bs4Ms34gkwKe%2B9J2y%2BTlMu044lX1%2BTnAuzqk0syP01%2B4Fg153duuZM6rL162%2BurnUzI6yVOh2BTnb0D4NYjsmzX1ye7uylv36BNCMYV6LrTsksIPUIcbYHm831W01g1JzDMg%2BFK4emzuaXShIoMe8pK2H%2F07N5PTR08prKct%2FeRcdUQPM7SLsleqZET5WgagDrLgzzzJxe%2FWkmg6nKkClTOWDKqM%2BnNk%2BOR7DyrBo1Gj4N28tBFFERsWa9lYQBp7TeDOthSBvI7TgJP83%2FBgAA%2F%2F8BAAD%2F%2F4PO2KCNBAAA HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=ff01a440-dc2d-419b-a9d6-b7757a6fa8b7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee2482368d1a7cb63c95465e2a4419c5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:11 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=601dbfbd662b22b3095679411cb6bc2c|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:10 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=2b51697641422ca1e9bfab028eb3215f; expires=Sat, 04-May-24 21:29:10 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=1465ee43a1eb1ea6bc0c0da95c439d09|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:10 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=E78A7E557C6F401F7D8CB149458F753D; Path=/; Secure; HttpOnly
x-request-id: a9fd716e9804fb1798e89272d1fc28fb
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:10 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:13 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=6fbb0f856da97952ffc8f76d6bdbe615; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=243dade5d71acc4017fb7cd68998e5fd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=6530DAF2BCD3D76595B98C397A7AA073; Path=/; Secure; HttpOnly
x-request-id: f29450dd63c0ad0aa24d5dac4b2cffc8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/js/video.counters.2.js?117 | 188.114.97.1 | 200 OK | 696 B |
URL GET HTTP/3younetu.org/js/video.counters.2.js?117 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, ASCII text, with very long lines (739), with no line terminators Hasha2a4921aacb2a8988a0c0af96088c0ae 876de6826a45c1520fc16d1d7a0fd68c9dfb7040 a322d95809eef61e82cc313c84a7d76d1ec4c7c90e24a47d2197d229a4d45395
GET /js/video.counters.2.js?117 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 349180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjUO0yjFIQThjjC5QCyNI4cY9jsdB68hq81BvbT9evds6%2B24j7G%2BR5sN39fnNCD%2BRRWHCW9m8DoHr%2FwcNBzZKxGw7paVHSYL7arIW1VKNne90SKIkxazA%2FH%2FrKRFqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de21dec56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:15 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:15 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=f1717b06d80adf46f1f915f39fe4238e; expires=Sat, 04-May-24 21:29:15 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6ff76a1cf5197a9f602c3da51f804d40|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:15 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=83C34B8A14A9CF7BFBB13343628C050D; Path=/; Secure; HttpOnly
x-request-id: a14214a769136349348a270283b00c18
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| commentsmodule.com/js/js.load.1.js?9614278503284318 | 172.67.198.57 | 200 OK | 0 B |
URL GET HTTP/2commentsmodule.com/js/js.load.1.js?9614278503284318 IP172.67.198.57:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcommentsmodule.com Fingerprint93:14:03:FF:0E:5C:59:B4:17:D6:D3:03:3E:B0:19:72:F7:97:6D:D0 ValiditySat, 06 Apr 2024 23:39:59 GMT - Fri, 05 Jul 2024 23:39:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?9614278503284318 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://younetu.org/
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 353233
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMuJ3uj6G3kuLmURVv8W3XUMwy3kudy2l3KK0jkUEkNqPKTfpD1aqNP%2B%2Fg8lBazRV5oh%2FmD04Drxipr%2FoxkmHpEleboHpD%2FaHR3Ll7ZbaGafUTCuKQ3pkCaCW2c7Id0oIhrd7oI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ea8de01efc56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png | 188.114.96.1 | 200 OK | 591 B |
URL GET HTTP/3cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hash9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 353484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NJ%2BCZiGf%2FTIz2xulDhwoyiCOms4SnY2S6Dg2RjQzOltZ0xueDu8YTmsvkYH8lE1VCrPOfsk8aBj0wHhigY5UZxCEs7dZ5o40V3OrDJcpYlX8kuNLg%2B3H0%2FD8kknvDxsVW6XJoWnnqen"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df90eb5b51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| offmantiner.com/4/6120639/ | 139.45.197.245 | 200 OK | 34 kB |
URL GET HTTP/2offmantiner.com/4/6120639/ IP139.45.197.245:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
File typeHTML document, ASCII text, with very long lines (18247) Hashf98e5f0b9a559edbdf08cd6e186fc841 ffca25ddfebbc5e5a1be07da83d1c724e629e8cb 2ea6ddf45ca9ff70b29bbeaed588ef205fff1f19d38f8ef78baa6b140c2a9219
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /4/6120639/ HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://becast.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/html; charset=utf8
x-trace-id: bab97e4bb59ab331aff6d17e1ab840dc
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805272b0d24f5ced093714f58e4461; expires=Sun, 04 May 2025 18:29:09 GMT; path=/; secure; SameSite=None
oaidts=1714847349; expires=Sun, 04 May 2025 18:29:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=31e9628941ed1efac503b7d3f4f64a5c; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=28c697947550444d0f0f920b29385ca6|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=43F2F1726E12B64F8AB7442816420A20; Path=/; Secure; HttpOnly
x-request-id: 614ca8624e50c3eed738ffce27fb3f06
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/js/d_check.js?35 | 188.114.97.1 | 200 OK | 3.5 kB |
URL GET HTTP/3younetu.org/js/d_check.js?35 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3599), with no line terminators Hash47dd2e972f0059419379ce10022af024 664d680f87701f4aa0b32f6bee82ed57ab992afc 41ac5f66afda4f18ce3423349e6a070dab8cbcd99ed9ad1101f82fbc6b24f5fa
GET /js/d_check.js?35 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
etag: W/"65190d56-d80"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 339419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qr2WpqP2aVEmpVRvg6yfS%2FA4K9pYFDj9TDQk0fDCI4OBXN5R2uFzRK9ldFCz4xbLvyUdqITV3FwtEwCynUYIbemHq0j40ofR63rp6%2FKF6Rb9HNVfkzUPgZ9DYCqH4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dddff1556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ | 104.21.56.136 | 302 Found | 0 B |
URL GET HTTP/2t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ IP104.21.56.136:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/?spot_id=2561&zone_id=14102_ck_if_ HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=5011
set-cookie: _trd_=9a98f167add2e8; Expires=Sun, 04-May-25 18:29:07 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=1; Expires=Sun, 05-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=1; Expires=Sun, 05-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6naDwsgMH1dYYXaYCUAAJ5vJCXQeMHBRueiARTis1DVFWBpNkFI6k8FfSjeCqci%2FaSUu1iKKWjGWE5AhrYjrL%2BMW0kJAJuyvWHhbq1FauVLxNGfqCtEVTmmwQQkg%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dffe8741c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videocdnmetrika.com/netu.php | 104.21.38.98 | 200 OK | 1.2 kB |
URL GET HTTP/2videocdnmetrika.com/netu.php IP104.21.38.98:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectvideocdnmetrika.com FingerprintDC:66:04:CE:0E:16:00:03:7C:D9:DA:D9:20:9C:BD:FE:FB:65:BD:A5 ValiditySat, 23 Mar 2024 15:28:22 GMT - Fri, 21 Jun 2024 15:28:21 GMT
File typeASCII text, with very long lines (1195), with no line terminators Hash01b98d58a9e958f3f370e97d7923cce1 978a3ad86f3a0bce1b25a49cf18b8965b7e6187a f93ed1de5bdf2e66e1b9745e2f7de23e264e37c985bb2e8d8c70a9b51e7ba51f
GET /netu.php HTTP/1.1
Host: videocdnmetrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:05 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68QLDMAf8b3PDF2WzortelVLBXcsHxM3yJhdWGud%2BmpR4aAVO6aciKSNwG854BIUqrelrmASCrI4C7GXtmNpI3w95DU5btWHEBFT7MsepWRQHNFx3%2F%2FEo8EeFak5ITZPTy5sd%2F2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de26f8256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:13 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=a5d4ddea7c327e03dd9028d265e476da; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=e1947af493072db7151c475e72eb92d0|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=CBA52FDE973990D72A7C8E99451F781C; Path=/; Secure; HttpOnly
x-request-id: 82398ae90ae5902b86b9a600af1517e8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=2cec5b8a82b6747f079659604ee9299d|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:14 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=6fbb0f856da97952ffc8f76d6bdbe615; expires=Sat, 04-May-24 21:29:14 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=243dade5d71acc4017fb7cd68998e5fd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:14 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=D210AF2A64B1498705C893BEEEE91680; Path=/; Secure; HttpOnly
x-request-id: 0d98b2750e1bede5eb92886a9209cc49
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:14 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:11 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=495b95a27ea3638b2d188fe1326465c5|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=08a389b2b0097c0325579b85e54d4f7a; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=d09e52a6fdd8b3036252dc19bf918bcd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=9FEC710DCE42C4489701C03F03F5CA14; Path=/; Secure; HttpOnly
x-request-id: 47572c60b79426cbfda29e01df22fa6c
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:11 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js | 104.17.249.203 | 200 OK | 3.1 kB |
URL GET HTTP/2unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js IP104.17.249.203:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeJavaScript source, ASCII text, with very long lines (3441), with no line terminators Hashc70a657c6ff1764a238929b6e46fb8e4 e2a8eb96b388abf14690ea14fe4af3f600296235 466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: "c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01HWRA5PTHBM6Y40WNWEFTRSGQ-arn
cf-cache-status: HIT
age: 339414
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87ea8dde2a8a0b31-OSL
X-Firefox-Spdy: h2
|
|
| duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico | 0.0.0.0 | | 0 B |
URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico IP0.0.0.0:0
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:14 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=d936e6f0ffa48fcae6401725055571a9; expires=Sat, 04-May-24 21:29:14 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=a572e19365927508711c38d8077791a7|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:14 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=9C2DACB9F152A15137163D18BB10BB93; Path=/; Secure; HttpOnly
x-request-id: c84f907d41e5d28bcf1d0b4383c4938e
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:14 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| videocdnshop.com/f.php?sid=212040&ra=14011 | 172.67.199.179 | 200 OK | 0 B |
URL GET HTTP/2videocdnshop.com/f.php?sid=212040&ra=14011 IP172.67.199.179:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectvideocdnshop.com Fingerprint74:9D:ED:06:94:27:D9:68:6B:80:01:DB:DA:26:F9:71:18:03:CE:37 ValidityMon, 18 Mar 2024 01:33:21 GMT - Sun, 16 Jun 2024 01:33:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212040&ra=14011 HTTP/1.1
Host: videocdnshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2xwRu8qKwVWRYpi%2FtwqIYbujoESn59J%2FX3x2g%2FLXuZ55I%2B%2BByL7O7TlWj8fTmZv7mqzOslUULL95u8xkXKknoClYSSqU3VKmJ6mK8uJFiPH5HTXanGbCirRf6OaIheNH%2BM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de39d33569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.170 | 200 OK | 7.0 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.170:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (7193), with no line terminators Hash16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:29:08 GMT
date: Sat, 04 May 2024 18:29:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:15 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:15 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=660b1da2f02ae0eb09e71ca9a62159af; expires=Sat, 04-May-24 21:29:15 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=a0f135e237f5ffece9d96e82fa81c041|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:15 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=90E8022271F0EB507BAED4B937CE3772; Path=/; Secure; HttpOnly
x-request-id: e20909c483d10b34d910933af6445d50
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0 | 172.67.72.146 | 200 OK | 596 B |
URL User Request GET HTTP/2younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0 IP172.67.72.146:443
CertificateIssuerLet's Encrypt Subjectyounetu.cc Fingerprint51:C8:E6:4E:6B:51:0E:06:AB:AE:8B:42:41:D7:6E:DD:96:36:FB:58 ValidityMon, 01 Apr 2024 21:29:48 GMT - Sun, 30 Jun 2024 21:29:47 GMT
File typeHTML document, ASCII text, with very long lines (631), with no line terminators Hashe42c1bc60dc47111449f74e51d88fc83 39f262dc85672a251965dc3afc8ccc2d7138912d 76459fd633a8ea48a7d466020df0c42ad8b4b37494b5261a4c208d7f7d496508
GET /player/embed_player.php?vid=1ygaPjPWcQv0 HTTP/1.1
Host: younetu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dfE%2Fj0yQtRrbnOI3J8Ld19SdeaYRCXrK7c9kA%2BgkbvieK5ZCF42y7aom9J8w3%2BBhevndPP3skZrSyceTI3SHTcKonb67VH9HAyXGrIV5ZDzeOc8ZJ1W5saQn%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dd5996556c6-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=6a17255fe297cb45925dc828a413fad2|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=5124735c5f5e6c33956827e95582a1b1; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=bdcc9d51aa6fc351c02f15435c741272|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=29173001F058E2CB04E51761239E5002; Path=/; Secure; HttpOnly
x-request-id: 80235cb27b7dda4643bee503f9d5ff8f
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico | 0.0.0.0 | | 0 B |
URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico IP0.0.0.0:0
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js | 188.114.96.1 | 200 OK | 962 B |
URL GET HTTP/3cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (1015), with no line terminators Hash88523e22d10f0cbad31aa1d8276764fa 9238cd9499e01abdbeb33e68c550d26cfb6eaba5 d553390acb639c765cb6aaa4fbb72529e4005227d190f53108aec87ccec411c2
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 341675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=voFcFruwjijYzd1zwa6UTWaCBh0Ai3w0TwnzynFk%2FvP1OGDMJ6kfI5xAxFfmgbfAh7kPQs9v0mG266ZhAa9n7oU7AKNPVVmGcpOvurkD8%2BocJ%2FonKshHqMVqZyUGv1chALnp7ho7zZTd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df96f37b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| becast.onionlive.workers.dev/ | 104.21.9.35 | 200 OK | 1.4 kB |
URL GET HTTP/2becast.onionlive.workers.dev/ IP104.21.9.35:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint47:76:5D:C5:12:3C:C2:68:72:9E:1E:79:C9:B5:09:72:24:11:B4:C0 ValidityThu, 02 May 2024 00:33:08 GMT - Wed, 31 Jul 2024 00:33:07 GMT
File typeHTML document, ASCII text, with very long lines (1382), with no line terminators Hashf00afc8448987fa11d44221fa5292cae 9f4c400dce037e70bcb6db008b9419b99bdcb42e 1363ed26fa6dfa94a18ffef1fc03bf9e8be0ea9e769c641dd052bc8b77fc6891
GET / HTTP/1.1
Host: becast.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiDw5A4kGTnIwqzpirvp829GY8Ykf%2Btjr3%2FOFeqMNK7h97OcnVYF9LLxsbd07if2pOQtQaJlO9FdDHkhgUV5h9mNQGWWcHKjBWplF2FGvsbvpuuRlTRLHscdGnrVSKIWKsVYRFJeGhQKAMZQQ4jJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8dfbe8e456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| marazma.com/sub/zxwk7krOl5 | 104.21.0.191 | 200 OK | 233 B |
URL GET HTTP/2marazma.com/sub/zxwk7krOl5 IP104.21.0.191:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectmarazma.com Fingerprint59:97:1F:84:2D:08:1A:6C:B3:9C:22:D5:77:31:8B:C8:5F:A0:0B:43 ValidityMon, 25 Mar 2024 00:10:01 GMT - Sun, 23 Jun 2024 00:10:00 GMT
File typeHTML document, ASCII text, with no line terminators Hashc41ad0a7f69925148f6306803554ef5a 2bb4b7ace9a46e75e965cc5a39558e369f2138d5 c60341f44512643a2d4fa7c192247c05c91f87f3ceaa3a763b038aadd7b575f2
GET /sub/zxwk7krOl5 HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:07 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sif3fwAbkN8Y2zAGFjpGYWcs3Snlk5sniM1BLDNdZfsIgcLOdKf%2B1CC5QjIV%2BIMQ2r9bR9e40QcS1636Mde2Mq1sbNlFtOFf7cZ41XVU5C9sVXozNVCdS%2BlrQOEB5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dee3f9d56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| offmantiner.com/?z=6120639&syncedCookie=true&rhd=false | 139.45.197.245 | 302 Found | 0 B |
URL POST HTTP/2offmantiner.com/?z=6120639&syncedCookie=true&rhd=false IP139.45.197.245:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /?z=6120639&syncedCookie=true&rhd=false HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 632
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/afu.php?zoneid=6120639&var=6120639&rid=IUzYL-eT4VvoQwPRHmPGTA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=00805272b0d24f5ced093714f58e4461; oaidts=1714847349
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:29:10 GMT
content-length: 0
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP
x-trace-id: 90efc83e9057457720767ce5a4d4eceb
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805272b0d24f5ced093714f58e4461; expires=Sun, 04 May 2025 18:29:10 GMT; path=/; secure; SameSite=None
oaidts=1714847349; expires=Sun, 04 May 2025 18:29:10 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 18:29:10 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=46428b204d5bde341365c567d0ff9058|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:14 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=dfa282ebf8bdbec4e417b8f3b2685189; expires=Sat, 04-May-24 21:29:14 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=012663440f1c18ede044eeb94649fbc3|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:14 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=A5CEDFEE15136AD94605398AC1BC3FB7; Path=/; Secure; HttpOnly
x-request-id: 232adfc556b3419956987efd11456fc9
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:14 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/js/adv/fuckadblock.js?2 | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3younetu.org/js/adv/fuckadblock.js?2 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash626be86ed51eef8b8b4038b6dcb8fcb2 229b2c503c8a0acc4bb1b423c895fc30330a0723 7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 345033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhRkTpBk%2B1pWzop91%2BSEkejZVOX%2FZErLuIr3wstZ6%2FjLdEaC%2FrYsKpz8X%2FRib%2BmUFs8c2ctXH10pTlP5q3Vejf357QnTWoea1z9gsG94RuV2BUdXBirGVwXLWz6Zxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dde1f4d56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:13 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=f59c18028b4d4f3d2636f3220a2d6698; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=243dade5d71acc4017fb7cd68998e5fd|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=C0BA15AB0C0E14419F39E7A38360CC20; Path=/; Secure; HttpOnly
x-request-id: 72210d3df1f5b3f060f465b3a0115a41
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/js/embed.232.js?736 | 188.114.97.1 | 200 OK | 174 kB |
URL GET HTTP/3younetu.org/js/embed.232.js?736 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Size174 kB (173807 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/embed.232.js?736 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 18 Nov 2023 19:14:49 GMT
etag: W/"65590d29-2a6ef"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 349181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpS10coepq37eKG5RURS47ffB67AsI8sxSe3zdiTM0j3DnR6%2Fy32r8quax8lXPMXbR8QLBS%2FEZapAD6w%2BfJfd5nzYVsqTDfhT6O70Sha3oc8WFhSkaPVuqj0noc7IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dde0f2056c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d3a0316d6e8427d69b30b24cdaff72f7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:29:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFgAnT6xrqrsQKae84gHVwGvNBUsd%2FBfj1lvf9200CepsGkFydik6AOXomywxrgVDsAYp4rJ7FJ9t7sw%2Bh%2Fgwh7sVjfd19aVUv39WKmvVcW8K6UEgIOBc8wuh5hhN%2FIlvaMqh4GhP51BMgEsPNzxSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df60a75b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=b4cd3feb6e35d6808bcd48548d8eb3fa|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=c6e7d021578a6d515ea8710af4755743; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6d615910b9dda067ca63d315fb193e57|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=4E94753F78C3EC143B11C6843F557FE6; Path=/; Secure; HttpOnly
x-request-id: 5e2ab82ab021429cb25d438425b4d4bc
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.org/player/get_player_image.php | 188.114.97.1 | 200 OK | 39 kB |
URL POST HTTP/3younetu.org/player/get_player_image.php IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hash2bc34ca123c411d59ed3f0ee03916215 acbc2c1de2ed626ae42b1eeecd96cede5dc62c73 60fb8954d1772eb908b0f969f65afd6c49e5217e3183fc6e79248c4dd8f9987f
POST /player/get_player_image.php HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:05 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-file-download-url: http://127.0.0.1/origin/s3.netu.tv/flv/api/files/thumbs_new/2023/06/16/1686862976vxwhm/1686862976vxwhm-640x480-1.jpg
x-file-downloaded: from cdn
x-image-colors-src: 0
x-file-located: temp, filename:../files/temp/video_images/m/h/1686862976vxwhm-1.jpg
x-clickarr-add-e: 1
x-image-size: 22272
x-image-colors: 0
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBJvzsYy7bulU1RnnPqqNruibnllPXkq0pd9gMRmfBdtEHdF9fO7p%2BS7o3ujEh%2F9DhiNlr1z9QYNOkV%2BbjbqivF6keq8ZqZhoeIxnrJoYVO%2FyDa4MJDdaVsrk2leKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de0fbf956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorshaztkmzwgu2tom35pr6hy6zcoirdumjqgy3dknrxgiztolbcoqrdumjxge2dqnbxgm2dolbcomrduircpu&mode=2 | 188.114.96.1 | 302 Found | 0 B |
URL GET HTTP/3t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorshaztkmzwgu2tom35pr6hy6zcoirdumjqgy3dknrxgiztolbcoqrdumjxge2dqnbxgm2dolbcomrduircpu&mode=2 IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorshaztkmzwgu2tom35pr6hy6zcoirdumjqgy3dknrxgiztolbcoqrdumjxge2dqnbxgm2dolbcomrduircpu&mode=2 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.bawixi.xyz/1/?zid=9776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWzzDMf4fzYWwUsENVGL6tiYoyzciD0rKKMfq2Q8%2BY5enyjpoSQBMqo2orEZS%2BKtzIGeHXRnZF7EtzSdAhYgs0%2Ft3OW0JGJ9oo4ATDY8IRSdZzz9pp1DvOvVM3WbmZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dfd6875b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=46428b204d5bde341365c567d0ff9058|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=bd81e1ef9383d0eb91dde483ef6c184b; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=570a994a3a5350c9799043851a088521|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=BDF166C74C33129BC3FC0007005605D2; Path=/; Secure; HttpOnly
x-request-id: 6b87f41c30168d7d3151517867ec0117
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:12 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:12 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=b1c8009a652c0df1dfe3814add01448f; expires=Sat, 04-May-24 21:29:12 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=443eb3c92762d13bed33267a8342764f|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:12 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=BB9AF4F909E2483530DDD69EF93FD60D; Path=/; Secure; HttpOnly
x-request-id: f1c9be04b61af4d301759e4c8cabd1c1
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:13 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=ac983af81f8fefa50716ab0fe6c91720|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=1b5d51f9ee27a9574c404a75447e0c6b; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=c56ce526b3897cfa3f8b29c73aa14918|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=8BE735521C34F7C6DFB72A275DB5A445; Path=/; Secure; HttpOnly
x-request-id: d3174ff89eb0139e6e9557495304c713
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| t.bawixi.xyz/1/?zid=9776 | 188.114.96.1 | 200 OK | 1.1 kB |
IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
File typeHTML document, ASCII text, with very long lines (1072), with no line terminators Hash3e10e99bcd48b5b6984daea705f3314e 31172ff1906024c7ac9fddb9351ff664ee06cc4f d1122e62f709cc49ad96982df2bb3d257ecbd728606dd6830df8c504497e7014
GET /1/?zid=9776 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:09 GMT
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZ2W7BQOVInogzo4oBt63bTDMXthuwEeYjuBV3wr2DcD9Fric0NemRpVkOtqEt3ws969%2BWFN78VqFA0FuxdQLxtYrITKCT3H8zOXNaHDOF95IMD9QHxgmJwaFW%2BJ78E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8dfb489a1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=6a17255fe297cb45925dc828a413fad2|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:14 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=ef4101c8539100bac135aaea1932bfe9; expires=Sat, 04-May-24 21:29:14 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=76348afed499b297523ae8124e5ea769|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:14 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=B2370E34BEC28BBA4EBF65995110BCE2; Path=/; Secure; HttpOnly
x-request-id: 8b2873e9438bc220568ce3efdd7840dc
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:14 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| younetu.cc/favicon.ico | 172.67.72.146 | 200 OK | 42 kB |
IP172.67.72.146:443
Requested byhttps://younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0 CertificateIssuerLet's Encrypt Subjectyounetu.cc Fingerprint51:C8:E6:4E:6B:51:0E:06:AB:AE:8B:42:41:D7:6E:DD:96:36:FB:58 ValidityMon, 01 Apr 2024 21:29:48 GMT - Sun, 30 Jun 2024 21:29:47 GMT
File typeMS Windows icon resource - 1 icon, 100x100, 32 bits/pixel Hash1f1617bb9d33485e49af9fae638831f9 e245af39fd84866e07b7e177fa0ff6d25221252f 3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513
GET /favicon.ico HTTP/1.1
Host: younetu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/player/embed_player.php?vid=1ygaPjPWcQv0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 10 May 2024 06:14:54 GMT
last-modified: Mon, 04 May 2020 19:52:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 130450
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nX29QJRvJ6nhpaBho5yi6%2FDsOOZ2d%2BdYfKmi6dw5linOY1TnGAK5ERZyz8yO1B7i9Q91fe0LnP%2BwsajewpEgACOoW2a7w3uqPNCgWjVVFmfLstsLblsdXvL1mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8ddcbd3556c6-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| younetu.org/js/script_33.11.js?16 | 188.114.97.1 | 200 OK | 7.0 kB |
URL GET HTTP/3younetu.org/js/script_33.11.js?16 IP188.114.97.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectyounetu.org FingerprintA2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85 ValidityThu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (7103), with no line terminators Hash98cd73beea886c747a13cf869d64398f 9b0c0062c7863a1df27f8b563732f72f5f38a176 720e4b5e774911a3fde9a12e1d37d170132b204e1b0e79c84cc9339ed15be88c
GET /js/script_33.11.js?16 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no
Cookie: uid=z4lzxVcKb4w*wzZYat_JGvZWOG3Npy1j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:29:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Dec 2023 20:09:58 GMT
etag: W/"6585ed16-1b3e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 345033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4YUse5sKPRSb9ACwP%2Fy7z7roEObvzatrzixbBY2fYjOowZWmMOuRyBBo9hlhOFRXJ6SjRJmtvlW1DA%2Fnls3OOOa5LeQ7u1T7636IE1a946T3c5AtWlTOD4bCb0RHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8de08b3d56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerSectigo Limited Subject*.poprtb.com FingerprintBC:1E:BA:6C:0D:14:DC:3F:C7:53:D4:7C:D1:CE:5A:EC:61:16:21:71 ValidityThu, 27 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=491010&auth=OpDJQF&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://marazma.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:29:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:11 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=2cec5b8a82b6747f079659604ee9299d|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:11 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=6fbb0f856da97952ffc8f76d6bdbe615; expires=Sat, 04-May-24 21:29:11 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6ff76a1cf5197a9f602c3da51f804d40|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:11 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=5FE796D952A381478DDA2D42B9B5414A; Path=/; Secure; HttpOnly
x-request-id: 0187ed347721d4cd6c09eb93be049b49
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:11 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:13 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=2daa27ad0dc35d8a224017897d0678b8; expires=Sat, 04-May-24 21:29:13 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=c6c131f411ed2a42c2d30ebb52487c63|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:13 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=56B08515138EA6929B27F4E08D2A9A95; Path=/; Secure; HttpOnly
x-request-id: d0ffeddb4e503c131c8f7fe8a1c99bf2
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:13 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:14 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=787091738c5d147a7b8fb5da33372e4d|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:14 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=28e99f0da34a0963af1917e3e6b66115; expires=Sat, 04-May-24 21:29:14 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=6127fcdbe045752eebc45d6bc9888a3e|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:14 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=4E83A48062C2EFDDA10ECB45B2F7AF29; Path=/; Secure; HttpOnly
x-request-id: a780e9175f1a10ad38a922b5cea9f6a3
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:14 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c0cb1ab2411f822c826b26cbcb72e1ce
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:29:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pcqt4CVCC6Ba5nc6YC2R3nIB%2F9CqKaue7%2BB%2FXyuR2mxG92f9Ndn32dbKiOz%2F4ZXygtuiZ9OAnepwOdaxe%2BTloU3mC5Bu8kf14KWNUaQ%2FG9Qrj8oqBGgcTJYQjwx1PN2OoK5DEiG9dlXSWeEUdcU5CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea8df25c35b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:29:15 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=99cd7fdbf66ec6143c0c2d825721f6bd|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Sat, 04-May-24 19:29:15 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=632f302a6ad9b51b97011963a6ab7b6d; expires=Sat, 04-May-24 21:29:15 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=dcd2ac585cd74ff7d0087504107aa255|52b57b1639bb8e648ac62eed802c09a2; Expires=Sat, 04-May-24 21:29:15 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=1AFAD0920ABD71371D8C508F5BE55882; Path=/; Secure; HttpOnly
x-request-id: ddbabc4de0ce41b34b40caadba8c3863
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 04 May 2024 18:30:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| dns.google/resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true | 8.8.4.4 | 200 OK | 279 B |
URL GET HTTP/2dns.google/resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true IP8.8.4.4:443
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerGoogle Trust Services LLC Subjectdns.google Fingerprint41:5F:5D:10:46:91:3F:37:E8:4D:A6:A0:36:6C:B5:2D:78:A3:6B:C6 ValidityTue, 16 Apr 2024 04:20:45 GMT - Tue, 09 Jul 2024 04:20:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (317), with no line terminators Hash15ca3fba8a3e8bdca84e6744946c0dd6 dffd57e8d2055d48097205db46f30f665340dee1 ca443981da0589faccdded9835eb8800605eabfe95a7d4faf275ded491782932
GET /resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true HTTP/1.1
Host: dns.google
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://younetu.org/
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
date: Sat, 04 May 2024 18:29:05 GMT
expires: Sat, 04 May 2024 18:29:05 GMT
cache-control: private, max-age=300
content-type: application/json; charset=UTF-8
content-encoding: gzip
server: HTTP server (unknown)
content-length: 196
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 0.0.0.0 | | 0 B |
URL GET www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP0.0.0.0:0
Requested byhttps://younetu.org/player/embed_player.php?vid=ZW8mvRe1SZtx&autoplay=no CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=http://welcome.unibet.com&btag=320669908_61c3a345b49246e7a11c1be31cf86509&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714847350504)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024541829%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
0.0.0.0